On occasion you may notice in Admin Audit Logs the following logs started to appear time to time. The logs details appear where the admin user is already deleted from umbrella dashboard or doesn’t exist in the organization anymore.
As long as the fingerprint and OrgID values in the orginfo are valid, roaming devices will continue to register successfully. The deleted user account is still reported because our roaming client server will still report the deleted userID because the fingerprint and OrgID are valid.
This is expected behaviour for auditing.
To prevent these logs from client registration, we recommend updating the orginfo.json file deployed to end-devices by downloading a new orginfo from your Dashboard > Deployments > Roaming Computer > Roaming Client in the top-right > Download Module Profile with a current and active admin user account. Once you have replaced the orginfo.json file used for future installations, the Admin Audit Logging would show the Umbrella admin user who downloaded the new orginfo.json file.