Veritas Data Insight User's Guide
- Section I. Introduction
- Section II. Data Insight Workspace
- Navigating the Workspace tab
- Analyzing data using the Workspace views
- Viewing access information for files and folders
- Viewing user activity on files or folders
- About visualizing collaboration on a share
- Viewing access information for users and user groups
- Section III. Data Insight reports
- Using Data Insight reports
- About Data Insight security reports
- Permissions reports
- Permissions Search report
- Creating a Permissions Query Template
- Permissions Query Template actions
- Ownership Reports
- About Data Insight storage reports
- About Data Insight custom reports
- Managing reports
- Viewing reports
- Using Data Insight reports
- Section IV. Remediation
- Configuring remediation workflows
- Managing workflow templates
- Creating a workflow using a template
- Managing workflows
- Using the Self-Service Portal
- About the Self-Service Portal
- Managing data
- About managing data using Enterprise Vault and custom scripts
- About adding tags to files, folders, and shares
- Managing permissions
- Configuring remediation workflows
- Appendix A. Command Line Reference
About recommending permissions changes for inactive users
You can use the audit logs to identify inactive users and recommend revoking of access rights to users and groups that do not have activity on a path.
Data Insight can recommend that a user be removed from a group, or a group be denied permission on a path, if the user or group is inactive on the path for the selected time period. However, Data Insight does not provide recommendations to modify well-known groups such as Everyone or Administrators.
Data Insight recommends that a user's permission be revoked if the user is inactive on a path. A user can be inactive on a path for multiple reasons. They are as follows:
If a user leaves the organization and the user's Active Directory account is disabled. Disabled user accounts are indicated by a greyed-out user icon against their names in the tree-view panel on the Workspace tab.
If the user is part of a group that has permissions on the path, but the user does not have any direct activity on the path.
A group can be considered inactive if it inherits permissions on a path as a part another group which has activity on that path, but the group itself does not have any activity on the path.
See Reviewing permission recommendations .
See Analyzing permission recommendations and applying changes.