on 09-15-2015 9:41 AM
Hi there,
we are trying to work on a proper auditing on rights.
We've come pretty far, but when we try to get information on ACL-assignments to Object+Users/Usergroups , we hit a wall.
Here is an example of what is logged in the Audit-DB when changing a folders security-settings by adding the User-Group (121312) with ACL (ID 121319):
Colums: (Date;Event_ID;Event_Type(Ändern=Change);Event_Detail_Type;Bunch;Event_Detail_Value;Object_Type;Object_Name)
While we can track down the ID of the ACL (121319), it seems not possible to get any info on the user/usergroup-side of this. We tried to make sense out of the entry "4:4QHZ4OwB2ec" but failed since it is neither ID nor CUID of the Usergroup.
Of course it is possible to track changes to the rights within an ACL, and changes to a usergroup. But there seems to be no link between those two, which we find unprobably.
Can anyone help with this? We cant believe there is no sufficient logging of these kind of changes.
Thank you for your assistance and best regards
Fabian
It looks like this is indeed a lack of funcitonality in BO. Feel free to vote on this topic in the ideas place: BO Audit for ACL assignments : View Idea
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey there,
a week has gone by and I still have not even a clue on where in the AuditDB is the information between Objects ACLs and Users.
It sort of renders BO Audit (for rights) useless if there are only direct assignments of rights in the audit db, that can't be it. Right?
Thanks for any input. :3
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi there,
also very much interested in this.
@SAP: Could we get an official statement on how to report on ACL assigments etc.?
Thanks a lot
Best Regards
Robert
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I don't think it is possible as there is no specific entry in Audit enabling page itself to identify the rights/Access level change for a particular User/UserGroup. However we can confirm this only after official confirmation from SAP.
Thanks
Mani
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
76 | |
9 | |
8 | |
7 | |
6 | |
5 | |
5 | |
5 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.