Delegate privileges to specific users and disable the built-in administration user. Pretty much the same steps you would take to control the use of the generic root/Administrator ids at the OS level. That will at least give you some idea of who was logged in at the time, and OTRS does capture restart commands for the OTRS software itself. It's never a good idea to use generic userids, even if it is more work to track and delegate privileges and revoke them if someone leaves or misuses them.
Note that some of the information you want is not in OTRS's logging capability - eg, some is in the Apache and DBMS logs. Configuration control those in a similar manner. Or is there another way I can track who made changes to the system.
--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs