Querying the local summary database

You can create and run queries on the local summary database using Microsoft Access or other compatible third-party software.

For example, you can create a query using Microsoft Access that reports Windows NT agents in a domain that includes users who have the privilege to act as part of the operating system.

The following example describes how to create and run a query on the Act as Part of the Operating System check to report the module messages that the policy run generates.

To query module messages in the local summary database

Disable all of the checks in the Account Integrity module of a Windows 2000 demonstration policy except the Act as Part of the Operating System check.
If you have not already done so, add a test user to an agent computer.
Give the test user permission to act as part of the operating system.
Edit the check:
- Delete all of the entries in the Users and Groups namelists.
- Exclude the Users and Groups namelists from the check.
Run the demonstration policy on the agent computer.
Right-click the manager that is associated with the agent computer, and then click Store manager module messages.

The ESM console downloads the module messages to the local summary database.
Exit the ESM console to close the local summary database.
Use Windows Explorer to access the local summary database .mdb file in the Symantec\Symantec ESM Enterprise console\Database directory.
Use the Windows Access Query wizard to create a query. Specify the fields that you want displayed in the query and the related selection criteria.

For example, select Name in the MessageInstance table, Title in the Messages table, and Info in the MessageInstance table. Specify [Message Title] in the Title column for the selection criteria.
Run the query on the local summary database. At the Message Title prompt, type <check name>.

You should verify that the query indicates that the test user on the agent computer has the relevant permission.