I'm trying to manage about 700+ shared folders created by the former admin in our account without having to click into each one to get permissions.
Is there a way to export a list of shared folders with the users of the shared folder? A bonus would be to have their access level but I would just be happy with getting a basic report of folder name and who is assigned.
I was able to get this done with Postman (there's no help on this forum unfortunately).
The output is kind of terrible to read and I've used several methods to clean it up and one worked great but it won't update when you have to pull new info..
It would be outstanding if Lastpass would help make the reporting better (wonder if they actually listen at all?)!
https://support.lastpass.com/help/use-the-lastpass-enterprise-api-postman-collection
Can I ask what 700 shared folders are for?
We are trying to down play the use of shared folders in favour of named sharing, because for the average user it is hard for them to see the groups and other permissions applicable. For example if I share to a group called "Accounts", and someone leaves Accounts, someone else joins, it may be less apparent that they need to change that password or whose responsibility it is.
I do think the whole "Shared Folder" thing user experience is poor, and that for secrets we almost want a UI that tracks these types of changes, and alerts users which passwords may be known to people who have left, or just not changed since the last group change. Could be added to the scoring, might be determined from existing metadata.
The API does support getting information on shared folders but the documentation is spartan, we did use it for automatically sharing certificates to each user, in that case one shared folders and for each user we granted individual permissions to access the object to the admin and the user concerned within the folder. Probably not the most secure, but given how it was done before and what it was protecting perfectly fine.
Lots of shared folders but it was just their workflow and was needed because of how they segmented the outside partners they worked with.
"we almost want a UI that tracks these types of changes, and alerts users which passwords may be known to people who have left, or just not changed since the last group change"
^^ that would would be beneficial for us as well- and many others I'd imagine.
May be a great thing to suggest as a feature
oh, and just as an additional thing, most of our users cannot see the password so when they leave it is a non issue (they never saw it to begin with).
Curious if anyone filed an FR for the API call for this?
While if you are MSP'ing or MSSPing this product that would make sense to do the API calls and provide to customers, not all customers will have the time to craft such and will rely on default reports from the Portal.