• State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 62 subscribers
  • Views 7625 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How do you audit changes to delegation in ARS

lee.andrews_82510
over 7 years ago

I can't find any change history that shows when a user was given delegated access to manage a group in AD via ARS.  Is this recorded somewhere? 

Parents
  • 0 over 7 years ago
    I will post the following email snippet of the reply that I received for my service request (from December, 2015):
    "|SR Number:3172659| - Change History for internal ARS delegation changes?"
    -----
    At this time, access template linkage modifications are not tracked in the Change History. These do show up in the event viewer under the EDM Server event log, however they're not very straight-forward as they deal with object GUID's and object SID's rather than their display names. Even if you grab the Object GUID from the access template in question, it's displayed in a different format than what's recorded in the event log. Unfortunately there are several different methods of displaying GUID values and in this case, they've used 2 different methods. On top of that, they use a different format to write the Trustee SID in the event log than they use to display it on an object properties.

    At this point, I wouldn't have any good advice for finding this information other than a lot of work converting values and searching through the event log.

    Please let me know if you'd like me to submit an enhancement request on your behalf to implement Change History logging of Access Template linkages.
    -----

    That's the last time I looked into this.
    -Steve
Reply
  • 0 over 7 years ago
    I will post the following email snippet of the reply that I received for my service request (from December, 2015):
    "|SR Number:3172659| - Change History for internal ARS delegation changes?"
    -----
    At this time, access template linkage modifications are not tracked in the Change History. These do show up in the event viewer under the EDM Server event log, however they're not very straight-forward as they deal with object GUID's and object SID's rather than their display names. Even if you grab the Object GUID from the access template in question, it's displayed in a different format than what's recorded in the event log. Unfortunately there are several different methods of displaying GUID values and in this case, they've used 2 different methods. On top of that, they use a different format to write the Trustee SID in the event log than they use to display it on an object properties.

    At this point, I wouldn't have any good advice for finding this information other than a lot of work converting values and searching through the event log.

    Please let me know if you'd like me to submit an enhancement request on your behalf to implement Change History logging of Access Template linkages.
    -----

    That's the last time I looked into this.
    -Steve
Children
No Data