on 06-20-2016 4:25 PM
Hello Experts,
Due to audit requirements, our client requested that a log of all changes to the productive system be logged.
We have accomplished this by maintaining a manual log of changes, but this is not a satisfying solution for an audit.
We are currently doing all transports by using the MMC Import/Export function, so we do not have any record of the change beside the produced mmc file.
Is there any table were the history of such transport is stored? We would just need to have the date/time of the import and the name of the imported file.
We have though of several other options, but each have their own weakness:
So, did any of you meet this requirement? If so, how did you fulfill it? What information can we use to produce a complete and accurate report of the changes and transport to the productive system, if possible without increasing risk of errors during the transport ?
Thanks,
Julien Garagnon
Hi Julien,
No there's really no record of import / export, although this sounds like something that should be added to the idea place for Version 8.
The only think I can think of would be a job to trigger the launching of Import/Export but of course it could still be called manually.
Matt
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Fedya,
This is exactly the kind of information we would need, but we are currently using IDM 7.2.
There is also a check-in/check-out process in this version, but it only work at the job level, and I do not know how it works with transports.
I think the solution we will offer the client is to keep the history of exported files and generate a regular report of the last modification date of the tasks/jobs.
I will keep this topic open for a few days to see if any solution arises, but otherwise it seems we are out of luck.
Regards,
Julien
Hello Julien,
in IdM 7.2 we are using a different approach.
Every developer has his own "mxmc_admin"-user and we log the changes with database-traces on several tables which contain tasks/jobs.
This way you can fullfill your audit requirements, because logging is done on database-level and is fully isolated by the user doing changes in the system.
1. Step: Create a seperate mxmc_admin_<username> database-user for every developer with same permissions like the "original" mxmc_admin.
2. Step: Enable Database-Traces on Tables like mc_jobs or mc_tasks (hope i spelled them right).
3. Step: Most of the essential changes on the idm configuration is logged in the database-traces with timestamp, change and the user who did it. This way you a pretty reliable solution.
Greetings, Aydin
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.