How come I am seeing the user unknown in the Privileged Account Audit?
search cancel

How come I am seeing the user unknown in the Privileged Account Audit?

book

Article ID: 12449

calendar_today

Updated On:

Products

CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM) CA Privileged Access Manager (PAM)

Issue/Introduction



Why am I seeing an unknown user listed in grant access to account event details? 

Environment

r12.8 CF3 patched Enterprise Manager

Resolution

In the r12.8 CF3 Server patch we made a change to how we audit no approval workflow type events. These are events where a user requested access to an account where there is no approval needed. If the request is for a future time an event is generated called 'Grant Access to Account Event' which gives the access. Before CF3 these events we seen listed as the default approver such as the system manager user. However, since these are no approval required events this was incorrectly being audited. So we made a change so that the user is now seen as unknown to designate that no one approved it as it wasn't required.