on 09-03-2010 1:28 AM
We all know how hard it is to track old users - in particular ones that have left and termination paperwork has not been completed (users such as contractors, service technicians etc)
Anyone think of a way where IDM could track the date/time of last login to each system that it has provisioned that user to ?
Maybe a new field per system eg LASTLOGIN<ECPxxx> which I can then view along with the User ID Alias ACCOUNT<ECPxxx> field and see ;
Which Systems the user has a login to
Date / Time of last login to these systems
Yes, it can be done manually by logging in to each to the systems and running SUIM, but I would hopping for an elegant solution as part of the IDM process.
Hi Phil,
getting the last logon date is dependent on the system to which you are provisioning userids. For some systems you might not be able to retrieve the last logon date at all.
We have implemented something like that in my previous project for Active Directory, because we needed to implement a custom password ageing functionality that disables accounts when the user does not change his password in time. For Active Directory you can check the lastLogon attribute or alternatively the accountExpires attribute.
Best regards
Holger
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.