Audit role permissions

Audit role permissions allow users or groups to modify different aspects of an audit role. By default, the Master Auditor has Full Control over the audit roles and can assign the following permissions to other users and groups:

This permission Enables trustees to do this

Full Control

Perform all administrative tasks on the selected audit role and assign permissions to other users and groups.

Change Permissions

Add, modify, or remove Active Directory users and groups that have specific permissions.

A user or group granted this permission can display the properties for the audit role, then click the Security tab to select permissions for other users and groups.

Change Role Membership

Add, modify, or remove Active Directory users and groups that are assigned to the selected role.

A user or group granted this permission can use the Add Audit Role wizard to assign users and groups to an audit role or select an audit role name, right-click, then select Assign Users and Groups to modify the role membership.

Change Role Definition

Modify the name, description, access, or privileges for the selected audit role.

A user or group granted this permission can display the properties for the audit role, then:

  • Click the General tab to modify the role name or description.
  • Click the Access tab to modify the type of session and other criteria.
  • Click the Privileges tab to modify hat users and groups assigned to the role can do.