You are viewing limited content. For full access, please sign in.

Question

View security changes using Audit Report

Security Audit Trail

Updated June 27, 2017

asked on June 27, 2017

I have determined from the Audit Report that permissions were removed from a folder and I can see who the person was that removed those permissions (they removed a group from the folder). Is there a way to view the details of those changes. i am specifically trying to determine which groups were added and removed by this particular person.

1 0

Replies

replied on June 27, 2017

In the Audit Trail reporting interface, the Change Entry Permissions events should have information in the Old Security Descriptor and New Security Descriptor columns. You'll have to use the links there to expand the info, but they should give you the "before" and "after" information for the security change.

0 0

replied on June 27, 2017

I see now. I had multiple events selected so it was not showing those columns. Thanks.

0 0

You are not allowed to follow up in this post.

Sign in to reply to this post.

Asked June 27, 2017
Updated June 27, 2017
262 views