Yesterday I had to assist several users who where in Emergency Access mode.
In our environment we do not allow the end user to place themselves there from self-service
All our service desk folks have Auth Mgr Privileged Help Desk Admin role, which gives them the ability to provide both online and offline emergency access help
Emergency Access mode should be an extremely rare circumstance. I am trying to figure out who set the user up that way. As System Admin I can only think of one time where I've had to enable someone for it in last 3 years.
Here's the question....I have asked the service if they had set anyone in that mode. They claim no.
So how can I find out who may have enabled several users that way using the system reporting tools. These users could have been set that way for some time and I really don't have a time frame to search with.