The system user audit feature addresses user and service association issues in Automate. The data/User status may not be synchronized with the current services such as LDAP, Cisco UCM, Cisco Unity Connection (CUC), MS 365, Webex Teams and MS Teams assigned to users in the system at a selected hierarchy. For example:

Such issues can result in performance degradation, inaccurate workflows and incorrect license audit data.

Automate provides both a command and a scheduled action to carry out this audit and address these issues.

Note

The scheduled action is available only if the global system level settings for Automate called Enable or disable system user audit is enabled. By default, this setting is not enabled. The action is however available on the default System Configuration dashboard for an unscheduled run.

When cancelling an unscheduled action, the cancelled transaction may take some time to show as done in the transaction log, but you can continue using the system.
To access the feature, the administrator's Access Profile must contain Create and Read permissions for the view/SystemUserAudit model type.

The System User Audit link available on the default System Configuration dashboard, License Audit Setup panel, provides an option to run a user audit or report on users and their associated services. The System User Audit Report link also lists generated report files.

Run a system user audit

Select a hierarchy: choose the hierarchy at which the task is to be carried out.

Important

Running the audit tool at a high level hierarchy (many users at or below) can severely impact performance. It is strongly advised to initially only run reports on hierarchies - selecting hierarchy levels with fewer users, such as at site level. The reports can then be inspected to determine the number of changes required.

A Confirmation option prompts the administrator to first verify a task.
Choose Create a Report if only a .csv file report is required for download.

If this option is selected, no changes are made to the users and system. See also System User Audit report below.
For the Confirmation dropdown, select "Yes, I confirm that the System User Audit can be run."
Click Save to carry out the task.

Note

System User Audit does not delete users from data/User.
If data/User instances are moved to align with services and more than one device is misaligned, the user is moved to the hierarchy of the device with the highest priority.
If the system user audit transaction fails during the processing of an individual user, the associated sub-transaction will log this and roll back that sub-transaction, while continuing to process sub-transactions for subsequent users.

System User Audit report

Running System User Audit and can also simply create a report (Create Report checked on the input form) The generated report can be inspected to determine audit output, and is available from the list of files shown at the tool: File Management, where it can be downloaded.

The report file format is: user_audit_report _<%Y%m%d_%H%M%S>.csv

The file contains headers:

username
hierarchy
operation
issue

Schedule and automatic execution

The system user audit can also be scheduled nightly (as part of a service) - see: License Counting process commands.

Note

When running as a service (schedule), a CSV file similar to the report is generated, labelled as user_audit_operations_executed_<timestamp>. This report allows administrators to see what operations were executed in the background every 24 hours.

Model Details: view/SystemUserAudit

An asterisk * in the title indicates the field is mandatory.
If a field has a default value, it is shown in the Description column.
If the field type is an array, the Field Name has a .[n] suffix, where n is the array index placeholder.
Object and array field names are listed to provide context. If a field belongs to an object or an array, the full field name is shown in dot separated notation.

Title	Description	Details
Info	Default: !!!ATTENTION!!! Running this tool at a higher hierarchy can severely impact performance. Please execute with caution! Audit actions performed: - Create system users for associated vendor users if missing - Update system user sync source and service status - Align system user hierarchy to match the associated vendor user Note: If 'Create a Report' is selected, no changes are made—only a .csv report is generated for download.	Field Name: notes Type: String Default: !!!ATTENTION!!! Running this tool at a higher hierarchy can severely impact performance. Please execute with caution! Audit actions performed: - Create system users for associated vendor users if missing - Update system user sync source and service status - Align system user hierarchy to match the associated vendor user Note: If 'Create a Report' is selected, no changes are made—only a .csv report is generated for download. MaxLength: 1024
Select a hierarchy *	Choose a hierarchy to run the audit from.	Field Name: hierarchy_level Type: String MaxLength: 1024
Create a report	Generate a .csv report for further impact analysis. This option will take precedence over processing of the system user audit. Default: true	Field Name: create_report Type: Boolean Default: true
Confirmation *	Confirmation of System User Audit execution	Field Name: confirm Type: String MaxLength: 1024 Choices: ["Yes, I confirm that the System User Audit can be run."]

Model: view/SystemUserAudit

System User Audit

Run a system user audit

System User Audit report

Model Details: view/SystemUserAudit