Auditing for Windows Integrated API Permissions

[Sven Kiewidt]

Hi,

 

suddenly we "lost" all Windows integrated API permissions and we did not know, why.

Therefore we would like to have an auditing of who changed what permissions and when regarding to Windows Integrated API.

THX

[support]

Hi Sven,

 

For this request, do you mean auditing on the screen Administration -> Feature Access, where you can grant user's access to use the Windows Integrated API? If so, and you've probably considered this, but was there any change control documentation for changes on this screen - maybe that will help determine who modified these permissions?

Regards

Click Studios

[Sven Kiewidt]

Hi,

yes that is the point I mean.

And with "change control documentation" I believe you mean in our internal ITSM process or?

If so, no, unfortunately on our internal Change system there was nothing as there was no planned change. We believe, the configuration was either done by someone by mistake or some technical issue lead to the misconfiguration.

 

Regards,

 

Sven

[support]

Okay, thanks Sven.

 

Do you have many Security Administrators who have access to this screen? Maybe you could reach out to them and ask why the permissions were removed?

Regards

Click Studios

[Sven Kiewidt]

HI, no there are only 5 possible admins.
Reached out to all and nobody is aware about doing such a change.

So we would like to have an auditing here to be sure, why it happened (if it will happen again)

Thx