Here is the scenario:

1.) I scope a computer a policy that they can run in self-service.

2.) I scope another policy to another computer that can be run in self-service.

3.) Both computers DON'T run the policies.

4.) I want to figure out which computer, has what policy, but not do it in a gui platform, I want to instead report out what computer has what policy scoped to them that they are able to run.

These seems "easy" enough, but no matter what I look at, I can't seem to find anything that can just spit out a "list" outside of going to the asset individually or looking at the policy itself.

Use case: I have a policy that is a template, I create a policy each time for each computer/user that needs this policy. I need to have a list of all users that have this policy associated with a device for auditing purposes. You're probably thinking, why can't you just put everyone in the same policy (great question), this is due to the nature of how we are trying to limit who has access to what. I don't want customer A able to run this "script" on customer B's computer, and likewise I don't want customer B to run this "script" on customer A's computer.

I hope this make sense, and I'm sure I'm not the first to think of this.

TLDR: I want to get a print out of all policies that are available to a user in self-service, but not through a graphical interface.