Standard Reference Tables & Views for the AzureADInventory Data Collector
The AzureADInventory Data Collector collects essential user and group inventory information into standard reference tables. Unlike other Access Analyzer data collectors, the AzureADInventory Data Collector writes data to these tables regardless of the job executing the query.
These tables and their associated views are outlined below:
| Table | Details |
|---|---|
| SA_AzureADInventory_Contacts | Contains a list of principal identifiers and their corresponding Department and Job Title |
| SA_AzureADInventory_Domains | Contains information about the domain such as last updated date and time |
| SA_AzureADInventory_EffectiveGroupMembers | Contains expanded group membership which includes a flattened representation of members and nesting levels |
| SA_AzureADInventory_Exceptions | Contains information about security issues and concerns See the AzureADInventory Exception Types Translated section for an explanation of Exception Types |
| SA_AzureADInventory_ExceptionTypes | Contains more detailed information about each security issues and concerns See the AzureADInventory Exception Types Translated section for an explanation of Exception Types |
| SA_AzureADInventory_ExtendedAttributes | Contains information gathered by the custom attributes component of the query configuration |
| SA_AzureADInventory_GroupMembers | Contains a map of groups to member Identifiers |
| SA_AzureADInventory_GroupOwners | Contains a map of groups to owner Identifiers |
| SA_AzureADInventory_Groups | Contains extended information about groups, mail enabled, security enabled, and so on |
| SA_AzureADInventory_Principals | Contains common attributes for users, groups, and computers as well as references to their primary display name and mail addresses |
| SA_AzureADInventory_Users | Contains extended information about users, department, title, and so on |
Views are the recommended way for you to obtain the information gathered by the AzureADInventory Data Collector. They contain additional information for building queries easily. The following is an explanation of the corresponding views created for some of the tables generated by the AzureADInventory Data Collector:
| Views | Details |
|---|---|
| SA_AzureADInventory_EffectiveGroupMembersView | Contains effective group membership information |
| SA_AzureADInventory_ExceptionsView | Contains principals that are identified to have security concerns as well as detailed security concern information |
| SA_AzureADInventory_GroupMembersView | Contains group membership information |
| SA_AzureADInventory_GroupOwnersView | Contains group owner information |
| SA_AzureADInventory_GroupsView | Contains group level information |
| SA_AzureADInventory_PrincipalsView | Contains common attributes from the principals table including additional domain details |
| SA_AzureADInventory_UsersView | Contains user information |
AzureADInventory Exception Types Translated
The following table translates the Type of Exceptions that can found.
| Type | Exception | Description |
|---|---|---|
| 1 | Large Groups | Groups with a large amount of effective members |
| 2 | Deeply Nested | Groups with deep levels of membership nesting |
| 3 | Circular Nesting | Groups with circular references in their effective membership |
| 4 | Empty Groups | Groups with no membership |
| 5 | Single Member Groups | Groups with a single direct member |
| 6 | Stale Users | Users that have not logged onto the domain for an extended period of time |
| 7 | Stale Membership | Groups with a high percentage of effective members that are stale users |
| 8 | Large Token | Users with a large amount of authorization groups in their token |