Hi there,
we are trying to work on a proper auditing on rights.
We've come pretty far, but when we try to get information on ACL-assignments to Object+Users/Usergroups , we hit a wall.
Here is an example of what is logged in the Audit-DB when changing a folders security-settings by adding the User-Group (121312) with ACL (ID 121319):
Colums: (Date;Event_ID;Event_Type(Ändern=Change);Event_Detail_Type;Bunch;Event_Detail_Value;Object_Type;Object_Name)
While we can track down the ID of the ACL (121319), it seems not possible to get any info on the user/usergroup-side of this. We tried to make sense out of the entry "4:4QHZ4OwB2ec" but failed since it is neither ID nor CUID of the Usergroup.
Of course it is possible to track changes to the rights within an ACL, and changes to a usergroup. But there seems to be no link between those two, which we find unprobably.
Can anyone help with this? We cant believe there is no sufficient logging of these kind of changes.
Thank you for your assistance and best regards
Fabian