Is there a way to tell through the event logs who approved an ActiveSync Device out of quarrantine? I have not been able to find an event id tied to a user account. Although I can see the set-CASmailbox cmdlet was run.
I have a customer with an issue where several devices were approved by an IT staff of 10 without the proper BYOD paperwork being signed by the end user.
The staff are spread across 5 locations so getting them together is difficult. I need a way to audit the approvals on an ongoing basis, and knowing who to speak to when the paperwork is missing so that I can reinforce to them the proper policies and procedures for device approval.