Endpoint Administration Guide for UNIX › Auditing Events › How CA ControlMinder Determines the Audit Mode for a User › Change to Default Audit Value for Some Users

Change to Default Audit Value for Some Users

Before r12.0 SP1 CR1, the default audit mode was None for the following accessors:

• Users that do not have a defined AUDIT value in their corresponding USER class record, and that are not associated with a profile group that has a defined AUDIT value.
• Any user that is not defined in the database (represented by the _undefined user record).

  Note: If you use enterprise users, CA ControlMinder does not consider any users as undefined. Properties of the _undefined user are not relevant in this case.

From r12.0 SP1 CR1, the default audit mode for these accessors is Failure, LoginSuccess, and LoginFailure. To retain earlier behavior, set the value of the AUDIT property to None for these users.