We have been asking for this for a few years, but I'm wondering if there's any way we can rig it up with our current version of NCM (v8.3.177) so that we are prompted to enter login credentials when we go to execute commands on our network nodes rather than having them stored in the NCM application?
The issue is I want to be able to use RADIUS authentication so that each of the technicians that make changes on the switches can log in with their credentials, but the way NCM works is you have to enter a username/password in the GUI and then it's stored there until you clear it out and enter new credentials. So when the next guy logs in to make a change and forgets to change the name/password, it makes the change under the previous person's credentials.
Is there any way to:
- Have NCM not store names/passwords and instead prompt for credentials when you are ready to execute a command script OR
- Have NCM use the credentials of the person currently logged in to execute the command scripts OR
- Something else I haven't even thought of yet to get to where we have individual accountability for changes made to the system without searching through incredibly vague audit reports?
Currently we have a single local account on our switches with passwords that no one knows but SolarWinds and another tool that stores passwords for us. So when I get the config change report, all changes were made by that local account. Now I could look at the date/timestamps from that change and then go run the audit report and try to find the line that matches most closely with that date/time, but that's an incredibly tedious process. For now I'm just having the technicians write in the description field or ACL remarks the ticket number of the issue they are working on so we could potentially know who made the change if it were needed in the future, but this is also not a very good audit trail. The ideal solution would be the config change report showing that "user X made the following changes", but NCM doesn't seem to be set up to easily use different credentials for logging into the network nodes.
Any ideas?
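
The manual timestamp matching described in the post above, automated as an added example that is not part of the original post and is not SolarWinds code: each config change is matched to the audit entries for the same node inside a time window, and changes with more than one candidate user are flagged as ambiguous. The record layouts, user names, node names and the 5-minute window are assumptions made for this example.

```python
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"

# Constructed sample data. The field layout is an assumption for this
# example and is not the export format of NCM or any other product.
CHANGE_REPORT = [  # (node, time the config change was detected)
    ("sw-access-01", "2024-03-05 14:02:10"),
    ("sw-access-02", "2024-03-05 15:30:00"),
    ("sw-core-01", "2024-03-05 16:45:20"),
]
AUDIT_LOG = [  # (time, tool login name, node the script ran against)
    ("2024-03-05 14:01:40", "jsmith", "sw-access-01"),
    ("2024-03-05 15:28:30", "jsmith", "sw-access-02"),
    ("2024-03-05 15:29:45", "akhan", "sw-access-02"),
    ("2024-03-05 09:00:00", "akhan", "sw-core-01"),
]

def attribute_changes(changes, audit, window=timedelta(minutes=5)):
    """Match each change to the audit entries for the same node within `window`.

    Returns (node, change_time, user, status) tuples. status is "matched",
    "ambiguous" (several users in the window, nearest one reported) or
    "unmatched" (user is None).
    """
    parsed = [(datetime.strptime(t, FMT), user, node) for t, user, node in audit]
    results = []
    for node, change_time in changes:
        when = datetime.strptime(change_time, FMT)
        # Candidates: same node, within the window, sorted nearest first.
        near = sorted(
            (abs(when - t), user)
            for t, user, n in parsed
            if n == node and abs(when - t) <= window
        )
        if not near:
            results.append((node, change_time, None, "unmatched"))
            continue
        users = {user for _, user in near}
        status = "matched" if len(users) == 1 else "ambiguous"
        results.append((node, change_time, near[0][1], status))
    return results

if __name__ == "__main__":
    for row in attribute_changes(CHANGE_REPORT, AUDIT_LOG):
        print(row)
```

The ambiguous and unmatched rows are the cases where timestamp correlation alone cannot establish who made a change.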