DMA audit logs and login security

Solved656 views
1
0 Comments

Is it possible to get two logs?
1. User operation log
2. User authentication log

Is it possible to set the following for user accounts?
1. Required number of password digits
2. Character type
3. Expiration period & forced password update
4. Account lock with multiple failures

Yuki Arakawa(3496) 荒川 祐貴 [DevOps Advocate] Selected answer as best 18th March 2021

1 Answer

4
12.24K 5 Comments

Hi Yuki,

You can find the user operation log and authentication log in the user and groups section of the system center.

DMS Security is tightly integrated with Microsoft Windows security. Even when the DMS uses Autonomous User Identification, the users you create in DataMiner will automatically be created in the Windows operating system. This means that users must meet the password complexity rules defined on the windows server OS where DataMiner is installed.

e.g.

Ive Herreman [SLC] [DevOps Catalyst] Posted new comment 19th March 2021
Leander Druwel [SLC] [DevOps Advocate] commented

Note also that DMS Security can also be integrated with a domain controller, where similar policies are typically set, and much more. It allows a smooth security integration of the company security policies into DataMiner.

More information can be found also on https://help.dataminer.services/dataminer/#t=DataMinerUserGuidepart_3securityTypes_of_users.htmXREF_35318_24_1_4_Types_of
Yuki Arakawa(3496) 荒川 祐貴 [DevOps Advocate] commented

The password rules are easy to understand.
But the log is too little information.
The following was detailed about the authentication logs.
C:Skyline DataMinerLoggingSLNet.txt

Is there any detailed information about the operation log as well?
Ive Herreman [SLC] [DevOps Catalyst] commented

Hi Yuki,

Have you clicked the “actions” tab in the upper right-hand corner of the activity window?
It gives a full overview of every action performed by the selected user.

In case you feel that information is missing, can you please let us know which info is missing?
Yuki Arakawa(3496) 荒川 祐貴 [DevOps Advocate] commented

I don’t think it’s all action.
Because it seems to me that only a few days’ worth of logs were recorded.
If the logs are rotated, I’d like to see a mechanism to export them.
Ive Herreman [SLC] [DevOps Catalyst] commented

Hi Yuki,

Currently, the records are limited to the last 7 days with a maximum of 500 records.

The full audit trail of all actions in the system can always be accessed through the information events. These are stored for 1 year (by default).