Uploaded image for project: 'Atlassian Access'
  1. Atlassian Access
  2. ACCESS-1129

Add audit log when IDP synced user is removed from group in idp

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Unresolved
    • Audit Log
    • None
    • 7

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      Issue Summary

      Missing log events:

      1. IDP synced user removed from the group at IDP deactivates the account. The user's group removal is logged in the audit log but the user's deactivation event is not logged.
      2. When a Managed account gets deactivated due to Atlassian's "Export Control - Compliance Policy", the user gets the following notification: 
        Dear Atlassian user,
U.S. law prohibits Atlassian, an Australian corporation with offices in the United States, from providing you with access to our products and services. After analyzing the applicable lists of restricted parties maintained by the U.S. Government, we were unable to confirm that your name was not affiliated with a restricted party. If this is a case of misidentification, please reply with two different copies of official documentation to verify your identity.
Official documentation includes, but is not limited to, a government-issued drivers license or identification card, passport, utility bill, mortgage or bank statement, etc. Please make sure your full name and address are clearly visible.
We look forward to your reply.
Sincerely,
Atlassian

        However, this data is not recorded in the Org Audit logs so it becomes difficult for the Org Admins to understand why the Account was disabled.

      Steps to Reproduce

      1. Remove an IDP synced user from all IDP synced groups, this will deactivate the user
      2. deactivated account event is not logged in audit logs through the user's group membership removal is logged. 

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. ACCESS-1195 Events not captured in Audit logs - user changes and IDP user removal

          • Low - Low priority issues
          • Closed

          Suggestion - ACCESS-863 Add details to audit log about changes of user's profile via Organisation UI

          • Closed

          Suggestion - ACCESS-1118 Add details on Account Deactivated due to Export Control on Audit logs

          • Closed
          is related to

          Suggestion - ACCESS-1207 Display timezone event changes in org audit log

          • Closed

          Suggestion - ACCESS-1763 [Tracking in Issue Links] Organisation-level audit log feature requests

          • Gathering Interest
          was cloned as

          Suggestion - ID-8153 Add org-level audit log when name or email change is made to a managed user

          • Gathering Interest

          Activity

            People

              Unassigned Unassigned
              probbins@atlassian.com Peter Robbins
              Votes:
              12 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated: