Fortinet Forum
bb
New Contributor

account purging

Hi

Is it possible to delete an account from the FAC database that has been locked due to inactivity?

i.e. an account expires after one year from creation, however I need this removed if no user activity has been recorded for 30 days.

 

Thanks

B

13 REPLIES
Carl_Windsor_FTNT

bb wrote:

Is it possible to delete an account from the FAC database that has been locked due to inactivity?

i.e. an account expires after one year from creation, however I need this removed if no user activity has been recorded for 30 days.

 

It sure is.  Go to Authentication > User Account Policies > Lockouts and Enable Inactive User Lockout.  Enabling Automatic purge in Authentication > User Account Policies > General will then remove them.

Dr. Carl Windsor Field Chief Technology Officer Fortinet

bb
New Contributor

Hi Carl

Wouldn't that only remove expired accounts?

My account would be valid for one year, but may only be used for a couple of days. I can't find any options to differentiate between locked accounts (inactivity vs wrong password).

 

Thanks,

B

Carl_Windsor_FTNT

I was sure that we had changed it to allow these accounts to be removed but I am hesitating now.  Let me test and confirm over the weekend and if not, I will create a feature request to create an "inactive" status and allow this to be purged.

Dr. Carl Windsor Field Chief Technology Officer Fortinet

bb
New Contributor

Thanks a lot Carl

much appreciated

Carl_Windsor_FTNT

You are correct, inactive users are set to disabled and therefore miss being purged.  I have created a new feature request for this capability to be added (NFR 270528 for reference).

 

Dr. Carl Windsor Field Chief Technology Officer Fortinet

bb
New Contributor

Great news!

cheers :)

hkloh
New Contributor

Hi Carl,

 

The new firmware (4.1) supports purging users (auto/manual), but can we view the detailed information in the event log (which user has been purged or disabled)?

Carl_Windsor_FTNT

 

Log 305 shows me disabling the user manually (admin2 (changed fields = active))

Log 306 shows the manual purge and logs the user admin3 being deleted in log 321

Log 326 shows an automatic purge and the result being user carl being deleted in log 327

Dr. Carl Windsor Field Chief Technology Officer Fortinet

hkloh

Hi Carl,

 

From the picture you shared I can see the purge and the deletion in order (log). If there are a lot of messages in the logs, can we filter the logs with multiple keywords like purging and deleted?