Audit Strategies

The following list includes all Audit Strategies for Central Administration, Identity Manager, and Exit Point Manager.

NOTE: For information regarding Strategies specific to other Powertech Products, see the documentation included with that product.

Central Administration Strategy Descriptions

  • Access Right Integrity checks that the access flags assigned to a product security role are the same on the manager and endpoint.
  • Product Security Controls checks on the Product Security Setting “Use Role-Based Security” to ensure that the endpoints are set the same way as the manager.
  • Role Integrity checks that the Roles defined on the manager are also on the endpoint.
  • Role User Integrity checks that the users assigned to a role are the same on the manager and the endpoints.

Identity Manager Strategy Descriptions

  • User Profile Settings compares the user profile values on managed systems with the values you have defined in Identity Manager.
  • New User Profiles detects any new profiles that have been added to systems outside of Identity Manager.
  • Profile Last Sign On allows a Remedy for users who have not signed on for a set number of days. The Strategy allows you to set a number of days, in order to identify and manage the users who have not signed on for that number of days.
  • Auto-Balanced Profile Pools identifies missing *USRPRF objects for Profiles that are attached to automatically balanced Profile Pools. The identified Profiles can be removed from Identity Manager or can have the *USRPRF object recreated.
  • Verify Profile Existence identifies missing *USRPRF objects for Profiles that are NOT attached to automatically balanced Profile Pools. The identified Profiles can be removed from Identity Manager or can have the *USRPRF object recreated.
  • User Profile Object Owner verifies/corrects the ownership of an authority to user profile objects.

Exit Point Manager Strategy Descriptions

NOTE: All of Exit Point Manager's strategies identify Rules or other aspects of Exit Point Manager that differ between the Management System and an Endpoint. A Rules that is added, deleted, or changed directly on an Endpoint (i.e. outside of the Management System) does not affect Exit Point Manager's Rule settings on the Management System, and will cause a discrepancy between the Management System and Endpoint.
  • User Rules - New compares User Rules on the Management System with User Rules on Endpoints and identifies those that have been added to Endpoints.
  • User Rules - Missing compares User Rules on the Management System with User Rules on Endpoints and identifies those that have been removed from Endpoints.
  • User Rules - Settings compares User Rules on the Management System with User Rules on Endpoints and identifies those whose settings do not match.
  • User Rules - Corrupted identifies User Rules that have been corrupted.
  • Location Rules - New compares Location Rules on the Management System with Location Rules on Endpoints and identifies those that have been added to Endpoints.
  • Location Rules - Missing compares Location Rules on the Management System with Location Rules on Endpoints and identifies those that have been removed from Endpoints.
  • Location Rules - Settings compares Location Rules on the Management System with Location Rules on Endpoints and identifies those whose settings do not match.
  • Location Rules - Corrupted identifies Location Rules that have been corrupted.
  • Server/Function - New compares Servers and Functions on the Management System with Servers and Functions on Endpoints and identifies those that have been added to Endpoints.
  • Server/Function - Missing compares Servers and Functions on the Management System with Servers and Functions on Endpoints and identifies those that have been removed from Endpoints.
  • Server/Function - Settings compares the active Servers and Functions on the Management System with active Servers and Functions on Endpoints and identifies any discrepancy.
  • Server/Function - Corrupted identifies Servers and Functions that have been corrupted.
  • Memorized Trans - New compares Memorized Transactions on the Management System with Memorized Transactions on Endpoints and identifies those that have been added to Endpoints.
  • Memorized Trans - Missing compares Memorized Transactions on the Management System with Memorized Transactions on Endpoints and identifies those that have been removed from Endpoints.
  • Memorized Trans - Corrupted identifies Memorized Transactions that have been corrupted.
  • Prefilters - New compares Pre-Filters on the Management System with Location+User Pre-Filters on Endpoints and identifies those that have been added to Endpoints.
  • Prefilters - Missing compares Pre-Filters on the Management System with Location+User Pre-Filters on Endpoints and identifies those that have been removed from Endpoints.
  • Prefilters - Settings compares Pre-Filters on the Management System with Location+User Pre-Filters on Endpoints and identifies those whose settings do not match.
  • Prefilters - Corrupted identifies Pre-Filters that have been corrupted.
  • SecureScreen Filters- New compares SecureScreen Filters on the Management System with SOMETHING on Endpoints and identifies those that have been added to Endpoints.
  • SecureScreen Filters - Missing compares SecureScreen Filters on the Management System with SOMETHING on Endpoints and identifies those that have been removed from Endpoints.
  • SecureScreen Filters - Settings compares SecureScreen Filters on the Management System with SOMETHING on Endpoints and identifies those whose settings do not match.
  • SecureScreen Filters - Corrupted identifies SecureScreen Filters that have been corrupted.
  • User Groups - New compares User Groups on the Management System with User Groups on Endpoints and identifies those that have been added to Endpoints.
  • User Groups - Missing compares User Groups on the Management System with User Groups on Endpoints and identifies those that have been removed from Endpoints.
  • User Groups - Settings compares User Groups on the Management System with User Groups on Endpoints and identifies those whose settings do not match.
  • User Groups - Corrupted identifies User Groups that have been corrupted.
  • User Group Members - New compares User Group Members on the Management System with User Group Members on Endpoints and identifies those that have been added to Endpoints.
  • User Group Members - Missing compares User Group Members on the Management System with User Group Members on Endpoints and identifies those that have been removed from Endpoints.
  • User Group Members - Settings compares User Group Members on the Management System with User Group Members on Endpoints and identifies those whose settings do not match.
  • User Group Members - Corrupted identifies User Group Members that have been corrupted.
  • System - New compares System Values on the Management System with System Values on Endpoints and identifies those that have been added to Endpoints.
  • System - Missing compares System Values on the Management System with System Values on Endpoints and identifies those that have been removed from Endpoints.
  • System - Settings compares System Values on the Management System with System Values on Endpoints and identifies those whose settings do not match.
  • Object List - New compares Object List on the Management System with Object Lists on Endpoints and identifies those that have been added to Endpoints.
  • Object List - Missing compares Object Lists on the Management System with Object Lists on Endpoints and identifies those that have been removed from Endpoints.
  • Object List - Settings compares Object Lists on the Management System with Object Lists on Endpoints and identifies those whose settings do not match.
  • Object List - Corrupted identifies Object Lists that have been corrupted.
  • Object List Entry - New compares Object List Entries on the Management System with Object List Entries on Endpoints and identifies those that have been added to Endpoints.
  • Object List Entry - Missing compares Object List Entries on the Management System with Object List Entries on Endpoints and identifies those that have been removed from Endpoints.
  • Object List Entry - Settings compares Object List Entries on the Management System with Object List Entries on Endpoints and identifies those whose settings do not match.
  • Object List Entry - Corrupted identifies Object List Entries that have been corrupted.
  • Object Rule - New compares Object Rules on the Management System with Object Rules on Endpoints and identifies those that have been added to Endpoints.
  • Object Rule - Missing compares Object Rules on the Management System with Object Rules on Endpoints and identifies those that have been removed from Endpoints.
  • Object Rule - Settings compares Object Rules on the Management System with Object Rules on Endpoints and identifies those whose settings do not match.
  • Object Rule - Corrupted identifies Object Rules that have been corrupted.
  • Prefilters (Server) - New compares Server Pre-Filters on the Management System with Server Pre-Filters on Endpoints and identifies those that have been added to Endpoints.
  • Prefilters (Server) - Missing compares Server Pre-Filters on the Management System with Server Pre-Filters on Endpoints and identifies those that have been removed from Endpoints.
  • Prefilters (Server) - Settings compares Server Pre-Filters on the Management System with Server Pre-Filters on Endpoints and identifies those whose settings do not match.
  • Prefilters (Server) - Corrupted identifies Server Pre-Filters that have been corrupted.
  • NS User Group - New compares NS User Groups on the Management System with NS User Groups on Endpoints and identifies those that have been added to Endpoints.
  • NS User Group - Missing compares NS User Group Members on the Management System with NS User Group Members on Endpoints and identifies those that have been removed from Endpoints.
  • NS User Group - Settings compares NS User Group Members on the Management System with NS User Group Members on Endpoints and identifies those whose settings do not match.
  • NS User Group - Corrupted identifies NS User Groups that have been corrupted.
  • NS User Group Member - New compares NS User Group Members on the Management System with NS User Group Members on Endpoints and identifies those that have been added to Endpoints.
  • NS User Group Member - Missing compares NS User Group Members on the Management System with NS User Group Members on Endpoints and identifies those that have been removed from Endpoints.
  • NS User Group Member - Settings compares NS User Group Members on the Management System with NS User Group Members on Endpoints and identifies those whose settings do not match.
  • NS User Group Member - Corrupted identifies User Group Members that have been corrupted.