ℹ️ Internal article. This action is an internal CRS operations job and is not intended for customer use. Contact support if the functionality is of interest to you.
Internal CRS operations job that resolves the effective security permissions for every trustee (user and group) across all platforms and tenants and loads them into the internal Azure SQL warehouse for the Power BI dashboard. Filter by tenant and user to see a user's permissions, or by permission to see who has it allowed. Deny overrides Allow, and OU-scoped permissions are reported per organizational unit.
The action is an internal operations job that runs on a schedule at CRS. It requires administrator rights and direct database access and is not part of a normal customer setup.
Parameter | Explanation |
| Connection string to the internal Azure SQL data warehouse that receives the results. |
| When enabled, drops and recreates the destination tables before the run; use after a schema change. |
| Comma-separated list of platform database segments to iterate (default Prod02,Prod03,Prod05,Prod06). |
| Connection string to the source SQL Server that hosts the production tenant databases. |
| Comma-separated platform=tenant pairs to exclude from the crawl. |
See also the overview SyncTool – actions.
