Hello community,
I'm wondering if there is a way to audit, report and alert against user account permission changes? I know that the current audit log is able to display when a user account is created and when it's deleted. I'm just wondering if there is a way we can detect permission changes to an already existing account or AD group. For example turning ON or OFF Admin rights to NPM or SAM etc... Are these changes logged in the database somewhere we could query? Could we alert against them? Any information would be greatly appreciated.
Thanks, MC