Maximo – Auditing security groups and authorizations

The Security groups and application authorizations reports are aimed at providing a simple tool to have an high level view of how Maximo security groups are designed and how application authorizations are designed.

Download: mx_security.zip

Security Overview report installation instructions

    1. Open the Administration > Report Administration application
    1. Create a new record and enter the following information:
        1. Report file name: mx_security.rptdesign
        1. Description: Security Security
      1. Application: SECURGROUP (Security Groups)
    1. Save the record
    1. Select Import Report action from the menu and in the Report Design File pick the mx_security.rptdesign file.
  1. Click on Generate Request Page and then on Preview button to run the report.

Application Security Overview report installation instructions

    1. Open the Administration – Report Administration application
    1. Create a new record and enter the following information:
        1. Report file name: mx_securityapp.rptdesign
        1. Description: Application Security Overview
      1. Application: SECURGROUP (Security Groups)
    1. Parameters:
        1. Parameter Name: securitygroup
        1. Attribute Name: GROUPNAME
        1. Lookup Name: birtsecuritygroups
        1. Display Name: Security Group
        1. Display Sequence: 1
      1. Multi-Lookup Enabled: Yes
    1. Save the record
    1. Select Import Report action from the menu and in the Report Design File pick the mx_securityapp.rptdesign file.
  1. Click on Generate Request Page and then on Preview button to run the report.

Report Information

    • The first report is called Security Overview and simply lists all the Security Groups and Start Centers counting how many users are assigned to them.
    • The second report is called Application Security Overview. It tries to represent which security groups provide access to applications.
    • The report lists all the applications in the rows and the security groups in the columns. The cell is yellow if read access is granted, orange if write access is granted, the number is the count of sigoptions granted.
  • The report can easily get too big if more than 20 security groups are defined so I decided to accept a list of security groups as filter so I can analyze smaller sets of data separately.