We really miss a full history concept for Integrity user / group domain area.
Please provide a "History"-tab for Integrity domain users and groups:
It is essential to clearly document who modified these objects, when and which user ids have been added / removed - (similar to item history concept).
Improve traceability - A (mandatory) change comment field is required to document the related justification for each individual modification. We manage our user privileges via change managment using Integrity items to document and to approve all user requests. So we need a reliable way to link such an item with a concrete change in our domain groups visible as part of the individual history entry.
Offer an option to restore a Integrity domain group as it was at a certain point in time by selecting a previous configuration out of the history entries.
Remove 4k character limit for Integrity auditlog parameter value.
Recently one of our administrators updated a Integrity domain group with the intention to add a new user principal. But instead of adding a new principal he replaced the existing 600 principals in that group by accident with that one user principal only. Unfortunately there is no undo nor history available for these admin objects.
So we tried to retrieve that information by help of our auditlog to identify the pre-last modification of that domain group. The idea was to use the parameter field value for collecting all required principals which were in that domain group before. This concept works fine for small domain groups with only few members. But as the parameter string is limited to 4K characters it simply cuts the result string at the end:
When reaching that limit the output string is simply cut off and 3 dots are added. As a consequence this approach is not applicable for large domain groups with more than 100 members.
All additional user information is simply lost and cannot even be exported via native SQL statements from the DB as it is not stored.
According PTC technical support there is no alternative solution but to restore that information out of a full DB backup. This is too much effort for such a simple use case.
We require at least a reliable way to read the full "Parameter" field value from auditlog without the 4k character limit. Because of this we are not even able to create our own solution as Integrity simply does not store and offer that data.
PTC Integrity as a configuration and change management tool shall be capable of tracking administrative changes in a reliable way and shall provide a full change history for all its system administration objects.