Audit password changes using Oracle HCM Cloud scheduled process

Oracle HCM Cloud applications generally have a lot of HR admin users accessing the application and making innumerable changes on a daily basis. It can make work difficult under certain critical circumstances if the changes are not tracked properly.

In particular, when it comes to user accounts and their security, password changes play an important role. Fortunately, Oracle HCM Cloud provides a simple one-step audit tracking facility to keep track of the password changes.

Below are some scenarios thatthrow light on when such audit tracking facilities come to use:

  • Adhoc changes have happened as a result of upgradescausing unnecessary blame games.
  • Urgent call made by a User to the HR representative asking for an immediate password reset since his/her user account is not accessible and he has to do some critical update in the system immediately. The HR representative does the password reset without any ticket formally being created by the employee due to the urgency.

User password changes audit report:

Oracle HCM Cloud allows IT Security Managers to fetch password change details that occurred in the system with the help of a Scheduled Process – User Password Changes Audit Report.

Business Benefits:

  • Transparency
  • Application Security
  • Quick Audit Tracking

Key Features:

  • The report can be fetched for a single user/all users/specific users identified by a name pattern.
  • ‘Start Date’ and ‘To Date’ can be set to fetch the report for a specific time period.
  • The result can be sorted by Modified date/User name during submission of the ESS Job (Scheduled Process).

PREREQUISITES:

ASE_USER_PASSWORD_CHANGES_AUDIT_REPORT_PRIV function security privilege is required to run this report. The seeded ‘IT Security Manager’ job role possesses this privilege by default.

Steps To Run This Report:

  1. Open Scheduled Processes >>Click on Schedule New Process>>Search for User Password Changes Audit Report Job

Fig.1: Scheduled Processes – User Password Changes Audit Report

  1. Parameters available:
  • Search Type – All Users/Single User/User name Pattern
  • User Name – If Search type is Single User, select the required User Name
  • User Name Pattern – If Search type is User name pattern, provide the pattern (Example shown below)
  • Start Date – Date from which Password Change details are required
  • To Date – Date until which Password Change details are required
  • Sort by– Modified Date / User name

Fig.2: Sample Parameters to run the report

  1. Click Submit to run the report.
  2. Oncethe process succeeds, click on the process and scroll down to find the resulting log files. This process produces 3 files – .csv,.xml and .log files.

Fig.3: Log and Output

Fig.4: Attachments

  1. Download csv file to view the report.

Fig.5: Extracted report

Author
Mithila Sriram
Kovaion Consulting
Oracle HCM Cloud Team