How Do You Manage "Run As" Activity and Auditing?
I recently discovered that when a user utilizes the "Run as another user" feature in CRM, their actions are logged in the database as if performed by the impersonated user. This includes adds, edits, deletes, page visits (as seen in the history), and session activity tracked in the ACTIVEUSERMONITORINGLOG table.
I'm curious how other organizations are handling this behavior—specifically, how they identify actions taken by User X while impersonating User Y.
So far, I haven’t found any global variables in Page Designer or the SDK that indicate a session is a "Run as" session. Has anyone found a reliable method for flagging or tracking impersonation activity?
Answers
-
This would be really useful for us to know too - at one point we were going to open up the "run as" access to a huge chunk of the team so they could access their colleagues' My Fundraiser pages as well as their own, but we spotted the issue with the tracking (and the fact that they could get access to areas of the system they haven't been trained on) and decided to keep it more restricted. Even if it's not done deliberately, it's fairly easy to forget you're logged in as someone else and just continue using that browser window.
1 -
I have identified what appears to be a value available in the constructor passed into javascript in a custom ui model that surfaces runAs. That is looking promising for isolated custom form level handling, such as suppressing functionality for runAs users, but that is somewhat limited in wider application.
0 -
Blackbaud has confirmed that its products do not allow users to remove the “Run As” option from the Omnibar. This limitation prevents organizations from logging or tracking this functionality in a custom way within CRM. As a result, CRM users have no built-in method, or means to customize in-product, to monitor “Run As” usage or distinguish actions performed by the actual user versus those executed under impersonation.
1
Categories
- All Categories
- 6 Blackbaud Community Help
- 206 bbcon®
- 1.4K Blackbaud Altru®
- 394 Blackbaud Award Management™ and Blackbaud Stewardship Management™
- 1.1K Blackbaud CRM™ and Blackbaud Internet Solutions™
- 15 donorCentrics®
- 357 Blackbaud eTapestry®
- 2.5K Blackbaud Financial Edge NXT®
- 646 Blackbaud Grantmaking™
- 561 Blackbaud Education Management Solutions for Higher Education
- 3.2K Blackbaud Education Management Solutions for K-12 Schools
- 934 Blackbaud Luminate Online® and Blackbaud TeamRaiser®
- 84 JustGiving® from Blackbaud®
- 6.4K Blackbaud Raiser's Edge NXT®
- 3.6K SKY Developer
- 242 ResearchPoint™
- 117 Blackbaud Tuition Management™
- 165 Organizational Best Practices
- 238 The Tap (Just for Fun)
- 33 Blackbaud Community Challenges
- 28 PowerUp Challenges
- 3 (Open) Raiser's Edge NXT PowerUp Challenge: Product Update Briefing
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Standard Reports+
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Email Marketing
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Gift Management
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Event Management
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Home Page
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Standard Reports
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Query
- 777 Community News
- 2.9K Jobs Board
- 53 Blackbaud SKY® Reporting Announcements
- 47 Blackbaud CRM Higher Ed Product Advisory Group (HE PAG)
- 19 Blackbaud CRM Product Advisory Group (BBCRM PAG)