I have been struggling for a while trying to understand why the Content DB API throws me a pretty FdkException mentioning an ACCESSDENIED error when performing an audit search on a custom audit specification.
Here is my scenario:
(i) I have created a custom audit specification via scriptdriver.sh on a library.
It basically does audit on document events such as DOCUMENT_CREATED, DOCUMENT_UPDATED and so forth. So far so good.
(ii) Then, I have done a couple of document creations to fill the audit trail.
(iii) Try to search against audit history on DOCUMENT_CREATED with orcladmin with the API. Everything went ok.
(iv) Now I am desperately trying to search audit events with another user where ADMINISTRATOR role was granted on the library that holds audit specification. Of course, I have switcheded to admin mode operations (back and forth) when calling searchAuditHistory method. Despite this, the audit manager throws me a classical ACCESS DENIED error! Ok, I initially though that the target documents were moved in another place where my user does not have rights (it happened in the past but actually it should not be related anyhow). But obviously not, I am just trying to look up events at the right place.
As far as I can read in the documentation, audit history should be accessible to any user if and only if this user owns the "getAuditHistory" permission which is likely the case for Administrators.
I wonder if I miss a sensitive point here.
Any help would be highly appreciated,
I wonder if my user should grant domain administrator rights in order to get the audit history...
In that case it won't help me to solve my problem: I should be able to get audit history from any administrator (whether domain, container or library).
Please Matt if you're here, help me out!