Jump to content

New Audit User


Mcsirl

Recommended Posts

Hi Guys,

 

We have a user in our company who is responsible for all Audit tasks.  Previously the external auditors would come to me and we would sit down and print-screen which users had access to the specific passwords they requested.  Also they would ask me to print screen the history of the password so they could see when changes were made to the password.

 

Is there a way for me to give this access to the above new Audit person without giving him access to any of the passwords ?

 

I cant find a way to do this so any help would be greatly appreciated.

 

Basically the audit user need access to view password/list permissions and also password history.

 

Thanks

Alan

Link to comment
Share on other sites

Hi Alan,

 

There are a couple of Security Administrator roles that you could assign to assist with this i.e. to give them access to the Auditing screen in the Administration area, and maybe the Reporting screen. Each of the Nodes in the Navigation Tree in the Administration area are separate roles for Security Administrators.

The one which is not possible is Password History - you must have access to the Password List in order to view the history of changes to records. There is auditing data for 'Password Updated', but that does not necessarily mean the value of the password has been updated - it could be other fields as well.

Regards

Click Studios

Link to comment
Share on other sites

Thanks for the quick reply,

 

Ive assigned the user Reporting, Auditing and Auditing Graphs in Security Administrator Roles.  But they still are unable to view the password list permissions ?

 

Can you talk me through how to allow this for the audit user pls ?

 

Thanks

Alan

Link to comment
Share on other sites

Hi,

 

Yes i can confirm they have this access,  but theres no way to run a report on an individual password or password list.  The only options i have are :

1. What permissions exist (all users and security groups)?

2. What permissions exist for a user?

3. What Permissions exist for a Security Group?

4. What permissions exist for all shared password records (enumerated permissions report)?

 

What im looking for is that the audit user can click on a password list (but not the individual entries in it) so as to see the password list permissions like the screenshot attached.....

 

image.thumb.png.b65af5f91d62a125dc319831409b16b5.png

 

Link to comment
Share on other sites

Hello Mcsirl,

 

That's correct - the Reporting And Password Lists screens in the Administration area is for all Shared Password Lists, but they could just filter out the results in the export. If you don't want them doing this, then unfortunately your only options are to either continue with the process you have, or give them access to the individual Password Lists.

 

Regards

Click Studios

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...