System Advisor
System Advisor
The System Advisor reviews your system's configuration and security posture and reports any issues it finds, along with a plain-language explanation of what each issue means and how to fix it. It replaces the older "System Alerts" list. You'll find it under Admin → System Advisor. The admin menu shows a badge with the number of open issues that need attention.
The two sections
Findings are grouped into two stacked sections:
- Security — issues that affect who can access the system and your data (shown first, because they matter most).
- Configuration — correctness, hygiene, and performance issues (missing settings, record-type problems, storage cleanup, etc.).
Each section shows a count of its open issues. A green check and "No open … issues" means that section is clean.
Severity
Every issue carries a severity:
|
Severity |
Meaning |
|
Critical |
Should be addressed promptly — affects security, compliance, or core functionality. |
|
Warning |
Worth addressing — a gap or risk that isn't immediately breaking anything. |
|
Info |
Informational — housekeeping or something to review, not necessarily a problem. |
Within each section, issues are ordered Critical → Warning → Info.
Working with an issue
Each issue is a compact one-line row. Click it to expand and you'll see:
- Why it matters — a short explanation of the impact.
- How to fix — concrete remediation guidance.
- Go to fix — jumps you straight to the exact admin screen (and, where relevant, the exact settings panel) where the issue is resolved.
- Learn more — opens the related help topic, when available.
Scan for Changes
The list reflects your system's current state every time you open the page. The Scan for Changes button (top right) runs an authoritative scan: it records what's currently found and automatically marks anything that's no longer a problem as resolved.
Use it after you've fixed something to confirm the issue clears and to add it to the Recently fixed history.
Acknowledging issues
Some findings are real but intentional for your environment (for example, a record type that's deliberately public). Rather than have the Advisor flag them forever, you can Acknowledge an issue:
- Expand the issue and click Acknowledge.
- Optionally enter a short reason (recommended — it documents why the issue is accepted).
- The issue moves into a collapsed "Show acknowledged (N)" strip within its section, and the open-issue count (and menu badge) drops.
Acknowledged issues are never hidden completely — they remain visible (collapsed) so they can be revisited, and each shows who acknowledged it and when. To bring one back to the active list, expand it and click Un-acknowledge.
Acknowledgements are tracked per issue, so accepting one item (e.g. one public record type) does not suppress others of the same kind that appear later.
Recently fixed
The Recently fixed panel is an embedded history of issues that have been resolved. Each entry shows the issue and who resolved it and when (the administrator whose scan detected the resolution). It's a lightweight record of what's changed over time — expand the panel to review it.
Note: the history reflects what a scan has witnessed. An issue that appears and is fixed entirely between two scans may not be recorded.
Security checks
|
Check |
Severity |
What it means / how to fix |
|
'ADMIN' user is still active |
Critical |
The default ADMIN account is a well-known login and a common attack target. Delete, rename, or disable it once your own administrator accounts are in place. |
|
'Base Server URL' is not secure (http) |
Warning |
The Base Server URL uses plain http, so logins, cookies, and shared links travel unencrypted. Serve the site over https and update the Base Server URL. |
|
Multi-Factor Authentication is not enabled |
Warning |
Accounts are protected by a password alone. Enable MFA under the MFA settings on the Main Options screen and choose at least one method. |
|
Password policy is weak or not set |
Warning |
The password complexity requirement is at its lowest level. Raise the Password Security level (Medium or higher) under Security settings. |
|
Session inactivity timeout is disabled / very long |
Info |
Unattended sessions can stay open indefinitely (or for an extended period). Set or lower the inactivity timeout under Security settings. |
|
Base Security gives every user read/write by default |
Warning |
The system-wide Base Security level grants all users read/write to records unless a Record Type restricts it. If unintended, lower it and grant access per Record Type or Team. |
|
Record Type is exposed to anonymous users |
Info |
A Record Type is reachable by anonymous/external users (public access or collaboration). Confirm the exposure is intended and only appropriate data is shared. |
|
Administrator has not logged in for over 6 months |
Warning |
An unused administrator account widens the attack surface. Confirm it's still needed; disable or remove it if not. |
Configuration checks
|
Check |
Severity |
What it means / how to fix |
|
End User Agreement not Accepted |
Critical |
The End User License Agreement hasn't been accepted. Accept it on the Software / License Info screen. |
|
'Base Server URL' is not set |
Critical |
Generated links (emails, shares, portal) can't be built without it. Set it on the Main Options screen. |
|
'Base Server URL' does not match your current URL |
Critical |
The configured URL differs from the address you're using; generated links may point to the wrong place. Update it to match. |
|
Database Usage High (hosted only) |
Critical |
Sustained high database CPU can slow the whole system. Review recent activity and scheduled jobs; consider scaling up. |
|
Email Settings Not Configured (on-premise) |
Warning |
SMTP is incomplete, so notifications, shares, and workflow emails can't be sent. Enter the SMTP server, port, and From address. |
|
Document Storage location Not Set (on-premise) |
Warning |
File content is being written into the database, which bloats it and hurts performance. Set a document storage location. |
|
WorkTrigger has a duplicate GUID |
Critical |
Two WorkTriggers share the same GUID, which can confuse workflow steps. Re-create or re-import one so each is unique. |
|
Record Type has no filter set |
Warning |
Without a filter, the Record Type can't be matched automatically when records are routed or classified. Set a filter value on at least one field. |
|
Record Type field filter does not match its default value |
Warning |
New records may not match the Record Type's filter. Align the field's default value with its filter value. |
|
Record Type has duplicate filters |
Warning |
Two Record Types share identical filters, so incoming records can't be reliably classified. Make the filters unique (or merge the types). |
|
Record Type has too many defined fields |
Warning |
A very large field count is hard to maintain and can slow data entry and search. Remove unused fields (aim for 25 or fewer). |
|
Record Type has too many defined categories |
Warning |
An excessive category count clutters the UI and can degrade performance. Consolidate or remove categories. |
|
More than 5000 Records in Recycle Bin |
Info |
A large recycle bin consumes storage and slows admin operations. Review and permanently purge old records. |
|
Oldest recyclable Record is more than 12 months old |
Info |
Records have sat in the Recycle Bin for over a year. Purge what you no longer need. |
Tips
- Open the page periodically — the menu badge tells you at a glance how many open issues there are.
- Use Acknowledge (with a reason) for accepted exceptions instead of ignoring them, so the list stays meaningful and the decision is documented.
- After fixing several items, click Scan for Changes to clear them and build up your Recently fixed history.