RapidIdentity Portal Roles
Column | Value |
|---|---|
product_id | net.idauto.audit.common.product.arms |
module_id | net.idauto.audit.arms.module.groupmgmt |
The Role Created event is logged whenever a Roles Managed Role is created. A Role Saved event is logged whenever a Roles Managed Role is updated and the changes are saved.
Note
In previous versions of RapidIdentity, these two events were condensed as Role Saved. This functionality has changed; ensure the correct event is being requested when pulling a report against this information.
Column | Value/Description |
|---|---|
product_id | net.idauto.audit.common.product.arms |
module_id | net.idauto.audit.arms.module.groupmgmt |
action_id | net.idauto.audit.arms.groupmgmt.action.saveGroup |
target_system | DIRECTORY |
target_id | This will contain the Idauto ID of the Managed Role |
target | This will contain the DN of the Managed Role |
Name | Value/Description | Multi-valued |
|---|---|---|
name | The name of the Managed Group | false |
description | The Role's description (if applicable) | false |
type | The Managed Role's type | false |
coOwnerEditable | Boolean value indicating whether co-owners may edit the role | false |
ownerDN | The DN(s) of any or all of the Role's owners | true |
coOwnerDN | The DN(s) of any or all of the Role's co-owners | true |
staticMemberDN | The DN(s) of any or all of the Role's static members | true |
staticExcludeDN | The DN(s) of any or all of the Role's static excludes | true |
dynamicMemberFilter | The Role's dynamic member filter (if applicable) | false |
dynamicMemberBaseDN | The Role's dynamic member Base DN (if applicable) | false |
dynamicExcludeFilter | The Role's dynamic exclude filter (if applicable) | false |
dynamicExcludeBaseDN | The Role's dynamic exclude Base DN (if applicable) | false |
autoSyncInterval | The Role's auto-sync interval value | false |
externalIntegrationStatus | The Role's external integration status value (if applicable) | false |
{ldapAttribute} | If the Group has custom attributes each value will be keyed off of its associated LDAP attribute name | true |
The Role Membership Updated event is logged whenever a Roles Managed Role has its membership updated.
Column | Value/Description |
|---|---|
product_id | net.idauto.audit.common.product.arms |
module_id | net.idauto.audit.arms.module.groupmgmt |
action_id | net.idauto.audit.arms.groupmgmt.action.updateGroupMembership |
target_system | DIRECTORY |
target_id | This will contain the Idauto ID of updated Role |
target | This will contain the DN of the updated Role |
Name | Value/Description | Multi-valued |
|---|---|---|
name | The name of the Managed Group | false |
description | The Role's description (if applicable) | false |
type | The Managed Role's type | false |
coOwnerEditable | Boolean value indicating whether co-owners may edit the group | false |
ownerDN | The DN(s) of any or all of the Role's owners | true |
coOwnerDN | The DN(s) of any or all of the Role's co-owners | true |
staticMemberDN | The DN(s) of any or all of the Role's static members | true |
staticExcludeDN | The DN(s) of any or all of the Role's static excludes | true |
dynamicMemberFilter | The Role's dynamic member filter (if applicable) | false |
dynamicMemberBaseDN | The Role's dynamic member Base DN (if applicable) | false |
dynamicExcludeFilter | The Role's dynamic exclude filter (if applicable) | false |
dynamicExcludeBaseDN | The Role's dynamic exclude Base DN (if applicable) | false |
autoSyncInterval | The Role's auto-sync interval value | false |
externalIntegrationStatus | The Role's external integration status value (if applicable) | false |
{ldapAttribute} | If the Group has custom attributes each value will be keyed off of its associated LDAP attribute name | true |
The Role Deleted event is logged whenever a Roles Managed Role is deleted.
Column | Value/Description |
|---|---|
product_id | net.idauto.audit.common.product.arms |
module_id | net.idauto.audit.arms.module.groupmgmt |
action_id | net.idauto.audit.arms.groupmgmt.action.deleteGroup |
target_system | DIRECTORY |
target_id | This will contain the Idauto ID of deleted Role |
target | This will contain the DN of the deleted Role |
Name | Value/Description | Multi-valued |
|---|---|---|
name | The name of the Managed Role | false |
description | The Role's description (if applicable) | false |
type | The Managed Role's type | false |
coOwnerEditable | Boolean value indicating whether co-owners may edit the group | false |
ownerDN | The DN(s) of any or all of the Role's owners | true |
coOwnerDN | The DN(s) of any or all of the Role's co-owners | true |
staticMemberDN | The DN(s) of any or all of the Role's static members | true |
staticExcludeDN | The DN(s) of any or all of the Role's static excludes | true |
dynamicMemberFilter | The Role's dynamic member filter (if applicable) | false |
dynamicMemberBaseDN | The Role's dynamic member Base DN (if applicable) | false |
dynamicExcludeFilter | The Role's dynamic exclude filter (if applicable) | false |
dynamicExcludeBaseDN | The Role's dynamic exclude Base DN (if applicable) | false |
autoSyncInterval | The Role's auto-sync interval value | false |
externalIntegrationStatus | The Role's external integration status value (if applicable) | false |
{ldapAttribute} | If the Group has custom attributes each value will be keyed off of its associated LDAP attribute name | true |
The Role Manual Sync event is logged whenever a Roles Managed Role is manually synced.
Column | Value/Description |
|---|---|
product_id | net.idauto.audit.common.product.arms |
module_id | net.idauto.audit.arms.module.groupmgmt |
action_id | net.idauto.audit.arms.groupmgmt.action.manualSync |
target_system | DIRECTORY |
target_id | This will contain the Idauto ID of synced Role |
target | This will contain the DN of the synced Role |
Name | Value/Description | Multi-valued |
|---|---|---|
name | The name of the Managed Role | false |
description | The Role's description (if applicable) | false |
type | The Managed Role's type | false |
coOwnerEditable | Boolean value indicating whether co-owners may edit the role | false |
ownerDN | The DN(s) of any or all of the Role's owners | true |
coOwnerDN | The DN(s) of any or all of the Role's co-owners | true |
staticMemberDN | The DN(s) of any or all of the Role's static members | true |
staticExcludeDN | The DN(s) of any or all of the Role's static excludes | true |
dynamicMemberFilter | The Role's dynamic member filter (if applicable) | false |
dynamicMemberBaseDN | The Role's dynamic member Base DN (if applicable) | false |
dynamicExcludeFilter | The Role's dynamic exclude filter (if applicable) | false |
dynamicExcludeBaseDN | The Role's dynamic exclude Base DN (if applicable) | false |
autoSyncInterval | The Role's auto-sync interval value | false |
externalIntegrationStatus | The Role's external integration status value (if applicable) | false |
{ldapAttribute} | If the Group has custom attributes each value will be keyed off of its associated LDAP attribute name | true |
The Role Auto Sync event is logged whenever a Roles Managed Role is automatically synced.
Column | Value/Description |
|---|---|
product_id | net.idauto.audit.common.product.arms |
module_id | net.idauto.audit.arms.module.groupmgmt |
action_id | net.idauto.audit.arms.groupmgmt.action.autoSync |
target_system | DIRECTORY |
target_id | This will contain the Idauto ID of synced Role |
target | This will contain the DN of the synced Role |
Name | Value/Description | Multi-valued |
|---|---|---|
name | The name of the Managed Role | false |
description | The Role's description (if applicable) | false |
type | The Managed Role's type | false |
coOwnerEditable | Boolean value indicating whether co-owners may edit the group | false |
ownerDN | The DN(s) of any or all of the Role's owners | true |
coOwnerDN | The DN(s) of any or all of the Role's co-owners | true |
staticMemberDN | The DN(s) of any or all of the Role's static members | true |
staticExcludeDN | The DN(s) of any or all of the Role's static excludes | true |
dynamicMemberFilter | The Role's dynamic member filter (if applicable) | false |
dynamicMemberBaseDN | The Role's dynamic member Base DN (if applicable) | false |
dynamicExcludeFilter | The Role's dynamic exclude filter (if applicable) | false |
dynamicExcludeBaseDN | The Role's dynamic exclude Base DN (if applicable) | false |
autoSyncInterval | The Role's auto-sync interval value | false |
externalIntegrationStatus | The Role's external integration status value (if applicable) | false |
{ldapAttribute} | If the Group has custom attributes each value will be keyed off of its associated LDAP attribute name | true |
The Role Membership Added event is logged whenever a Roles Managed Role has a member added.
Column | Value/Description |
|---|---|
product_id | net.idauto.audit.common.product.arms |
module_id | net.idauto.audit.arms.module.groupmgmt |
action_id | net.idauto.audit.arms.groupmgmt.action.groupMembershipAdded |
target_system | DIRECTORY |
target_id | This will contain the Idauto ID of the Role |
target | This will contain the DN of the Role |
Name | Value/Description | Multi-valued |
|---|---|---|
memberId | The Idauto ID of the new member | false |
memberDn | The DN of the new member | false |
The Role Membership Removed event is logged whenever a Roles Managed Role has a member removed.
Column | Value/Description |
|---|---|
product_id | net.idauto.audit.common.product.arms |
module_id | net.idauto.audit.arms.module.groupmgmt |
action_id | net.idauto.audit.arms.groupmgmt.action.groupMembershipRemoved |
target_system | DIRECTORY |
target_id | This will contain the Idauto ID of the Role |
target | This will contain the DN of the Role |
Name | Value/Description | Multi-valued |
|---|---|---|
memberId | The Idauto ID of the member being removed | false |
memberDn | The DN of the member being removed | false |
The User Membership Added event is logged whenever a User is added to a new Roles role.
Column | Value/Description |
|---|---|
product_id | net.idauto.audit.common.product.arms |
module_id | net.idauto.audit.arms.module.groupmgmt |
action_id | net.idauto.audit.arms.groupmgmt.action.userMembershipAdded |
target_system | DIRECTORY |
target_id | This will contain the Idauto ID of the User |
target | This will contain the DN of the User |
NNameame | Value/Description | Multi-valued |
|---|---|---|
groupId | The Idauto ID of the Role | false |
groupDn | The DN of the Role | false |
groupName | The name of the Role | false |
The User Membership Removed event is logged whenever a User is removed from a new Roles role.
Column | Value/Description |
|---|---|
product_id | net.idauto.audit.common.product.arms |
module_id | net.idauto.audit.arms.module.groupmgmt |
action_id | net.idauto.audit.arms.groupmgmt.action.userMembershipRemoved |
target_system | DIRECTORY |
target_id | This will contain the Idauto ID of the User |
target | This will contain the DN of the User |
Name | Value/Description | Multi-valued |
|---|---|---|
groupId | The Idauto ID of the Role | false |
groupDn | The DN of the Role | false |
groupName | he name of the Role | false |
The Role Imported event is logged whenever a Roles Managed role is imported.
Column | Value/Description |
|---|---|
product_id | net.idauto.audit.common.product.arms |
module_id | net.idauto.audit.arms.module.groupmgmt |
action_id | net.idauto.audit.arms.groupmgmt.action.importGroup |
target_system | DIRECTORY |
target_id | This will contain the Idauto ID of the Role |
target | This will contain the DN of the Role |
Name | Value/Description | Multi-valued |
|---|---|---|
name | The name of the Managed Role | false |
description | The Role's description (if applicable) | false |
type | The Managed Role's type | false |
coOwnerEditable | Boolean value indicating whether co-owners may edit the group | false |
ownerDN | The DN(s) of any or all of the Role's owners | true |
coOwnerDN | The DN(s) of any or all of the Role's co-owners | true |
staticMemberDN | The DN(s) of any or all of the Role's static members | true |
staticExcludeDN | The DN(s) of any or all of the Role's static excludes | true |
dynamicMemberFilter | The Role's dynamic member filter (if applicable) | false |
dynamicMemberBaseDN | The Role's dynamic member Base DN (if applicable) | false |
dynamicExcludeFilter | The Role's dynamic exclude filter (if applicable) | false |
dynamicExcludeBaseDN | The Role's dynamic exclude Base DN (if applicable) | false |
autoSyncInterval | The Role's auto-sync interval value | false |
externalIntegrationStatus | The Role's external integration status value (if applicable) | false |
{ldapAttribute} | If the Group has custom attributes each value will be keyed off of its associated LDAP attribute name | true |
The Auto Role Update event is logged whenever a Roles Managed Role's info is updated as a result of a change in the backing LDAP group (outside of Roles).
Column | Value/Description |
|---|---|
product_id | net.idauto.audit.common.product.arms |
module_id | net.idauto.audit.arms.module.groupmgmt |
action_id | net.idauto.audit.arms.groupmgmt.action.autoUpdate |
target_system | DIRECTORY |
target_id | This will contain the Idauto ID of the Role |
target | This will contain the DN of the Role |
Name | Value/Description | Multi-valued |
|---|---|---|
name | The name of the Managed Role | false |
description | The Role's description (if applicable) | false |
type | The Managed Role's type | false |
coOwnerEditable | oolean value indicating whether co-owners may edit the group | false |
ownerDN | The DN(s) of any or all of the Role's owners | true |
coOwnerDN | The DN(s) of any or all of the Role's co-owners | true |
staticMemberDN | The DN(s) of any or all of the Role's static members | true |
staticExcludeDN | The DN(s) of any or all of the Role's static excludes | true |
dynamicMemberFilter | The Role's dynamic member filter (if applicable) | false |
dynamicMemberBaseDN | The Role's dynamic member Base DN (if applicable) | false |
dynamicExcludeFilter | The Role's dynamic exclude filter (if applicable) | false |
dynamicExcludeBaseDN | The Role's dynamic exclude Base DN (if applicable) | false |
autoSyncInterval | The Role's auto-sync interval value | false |
externalIntegrationStatus | The Role's external integration status value (if applicable) | false |
{ldapAttribute} | If the Group has custom attributes each value will be keyed off of its associated LDAP attribute name | true |
The Auto Role Delete event is logged whenever a Roles Module Managed Role record is deleted because the backing LDAP group has been deleted (outside of Roles).
Column | Value/Description |
|---|---|
product_id | net.idauto.audit.common.product.arms |
module_id | net.idauto.audit.arms.module.groupmgmt |
action_id | net.idauto.audit.arms.groupmgmt.action.autoDelete |
target_system | DIRECTORY |
target_id | This will contain the Idauto ID of the Role |
target | This will contain the last known DN of the Role |
Name | Value/Description | Multi-valued |
|---|---|---|
groupName | The name of the Managed Role | false |
groupDescription | The Role's description (if applicable) | false |
groupType | The Managed Role's type | false |