We want to let users sign a company agreement stating that our NC is not for private use etc. in order to get access. We have to do at least a random sample audit every once in a while and check if anybody is using it for private or pornographic stuff. What options do community edition users have to do audits every now and then?
You can check out the impersonate app - it allows the admin to act as another user. IMO this is the only realistic options as other options e.g. file names are not accurate. Please double check with your legal dept if you are allowed to do so (and better have a good process involving multiple compliance persons involved once you “audit” the files of specific user).
But in general I don’t like the idea to access the files of the user in absence of the user himself. Maybe you should rethink you organization values - if you don’t trust your members why do you let them in?