- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
account purging
Hi
Is it possible to delete an account from the FAC database that has been locked due to inactivity?
i.e. an account expires after one year from creation, however I need this removed if no user activity has been recorded for 30 days.
Thanks
B
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
bb wrote:Is it possible to delete an account from the FAC database that has been locked due to inactivity?
i.e. an account expires after one year from creation, however I need this removed if no user activity has been recorded for 30 days.
It sure is. Go to Authentication > User Account Policies > Lockouts and Enable Inactive User Lockout. Enabling Automatic purge in Authentication > User Account Policies > General will then remove them.
Dr. Carl Windsor Field Chief Technology Officer Fortinet
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Carl
Wouldn't that only remove expired accounts?
my account would be valid for one year, but may only be used for a couple of days. i can't find any options to differentiate between locked accounts (inactivity vs wrong password )
Thanks,
B
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I was sure that we had changed it so allow these accounts to be removed but I am hesitating now. Let me test and confirm over the weekend and if not, I will create an feature request to create an "inactive" status and allow this to be purged.
Dr. Carl Windsor Field Chief Technology Officer Fortinet
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks a lot Carl
much appreciated
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You are correct, inactive users are set to disabled and therefore miss being purged. I have created an new feature request for this capability to be added (NFR 270528 for reference).
Dr. Carl Windsor Field Chief Technology Officer Fortinet
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Great news!
cheers :)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Carl,
The new firmware (4.1) support purge user (auto/manual) but can we view the detail information at the event log (which user is been purged or disabled)..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Log 305 show me disabling the user manually (admin2 (changed fields = active)
Log 306 shows the manual purge and logs the user admin3 being deleted in log 321
Log 326 shows an automatic purge and the result being user carl being deleted in log 327
Dr. Carl Windsor Field Chief Technology Officer Fortinet
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Carl,
From the picture you share i can see the purge and deleted in order (log). If they is alot of multiple message in the logs, can we filter the logs with multiple keyword like purging and deleted.