User blacklist filtering

juanr1vargas · ‎Jan 21, 2021

I would like to know if the only way to blacklist accounts is to use % and _ as wildcard characters. Does FNM support regular expressions to exclude accounts?

mfranz · ‎Jan 22, 2021

Hi,

With some luck the blacklist is just applied using a LIKE statement. That *could* mean that T-SQL regular expressions work. Not tested.

https://www.sqlshack.com/t-sql-regex-commands-in-sql-server/

Best regards,

Markward

erwinlindemann · ‎Jan 26, 2021

FNMS indeed uses a simple LIKE for comparing the users reported by your Inventory data source with the users listed in the [FNMSCompliance].[UserNameBlacklist] table.

If you are familiar with SQL and a bit adventurous, you can customize the SQL code contained in the ”User.xml” WRITER file though.

On your FNMS Batch Server, the ”User.xml” file can be found in the following folder:

\ProgramData\Flexera Software\Compliance\ImportProcedures\Inventory\Writer

In the "UsersWriter" module in this file, locate and customize the following UPDATE statement to your liking:

UPDATE iu
SET IsBlacklisted = 1
FROM #importeduser iu
LEFT JOIN dbo.ComplianceDomain cd
	ON cd.ComplianceDomainID = iu.ComplianceDomainID
WHERE EXISTS (
	SELECT	'x'
	FROM	dbo.UserNameBlacklist unb
	WHERE	iu.SAMAccountName LIKE unb.UserName
			OR (cd.FlatName IS NOT NULL 
            AND (cd.FlatName + '\' + iu.SAMAccountName LIKE unb.UserName))
	)				)

As usual, make sure to create a backup of this file before doing your modifications, please 😊.