You are viewing limited content. For full access, please sign in.

Question

Question

Feature Request: Audit Windows Account Creation Date

asked on April 4, 2022

Hi All,

We've had a feature request from one of our customers who are looking to produce a report of all users who were granted or removed access from the Laserfiche repository within the past year.

In the Admin Console, the only dates shown against a user are the last login / last logout times.

In Audit Trail I can see when a Windows Account or Repository User is created in the repository manually, however the customer in question use Active Directory Groups in the repository to manage access. When a user is created this way it doesn't seem to be captured by Audit Trail as it's the system performing the action, rather than a user.

Example: I have an AD group called "Laserfiche Repository Access". In AD I add all of the users who need access to the repository to that group. In the Admin Console I add the group to the Windows Accounts node and set the authentication level to "Trusted" but don't set up any users. When a user who is part of that group signs in for the first time they inherit the trusted access level from the group, and their Windows Account appears automatically in the Admin Console. I can't see anywhere the date that this account was created.

Is there any way to achieve this? I'm guessing there might be a way if the users were being created in LFDS but not directly in the repository?

Many thanks,

Dan

1 0

Replies

replied on April 6, 2022

The first login event in audit trail would indicate that. Other than that, Laserfiche does not keep track of it.

If you're controlling access through Active Directory, wouldn't you also audit group membership changes in the "Laserfiche Repository Access" group through AD auditing?

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.