I've got it down to the change and the date, but I was asked to also report on who executed the change. We see operator ID in many of the S3 application tables, and that's the kind of thing I need for determining who performed the security update in LSA.
Thanks,
Stan
That should be available in table LSAUDIT under the Logan product line. In the Lawson Security Client under Server Management | Server | Auditing + Logging, there are options for administrator additions, changes, and deletions. Once you enable those, any changes will be recorded in LSAUDIT.