Hi
Is it possible to delete an account from the FAC database that has been locked due to inactivity?
i.e. an account expires after one year from creation, however I need this removed if no user activity has been recorded for 30 days.
Thanks
B
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
bb wrote:Is it possible to delete an account from the FAC database that has been locked due to inactivity?
i.e. an account expires after one year from creation, however I need this removed if no user activity has been recorded for 30 days.
It sure is. Go to Authentication > User Account Policies > Lockouts and Enable Inactive User Lockout. Enabling Automatic purge in Authentication > User Account Policies > General will then remove them.
Dr. Carl Windsor Field Chief Technology Officer Fortinet
Hi Carl
Wouldn't that only remove expired accounts?
my account would be valid for one year, but may only be used for a couple of days. i can't find any options to differentiate between locked accounts (inactivity vs wrong password )
Thanks,
B
I was sure that we had changed it so allow these accounts to be removed but I am hesitating now. Let me test and confirm over the weekend and if not, I will create an feature request to create an "inactive" status and allow this to be purged.
Dr. Carl Windsor Field Chief Technology Officer Fortinet
Thanks a lot Carl
much appreciated
You are correct, inactive users are set to disabled and therefore miss being purged. I have created an new feature request for this capability to be added (NFR 270528 for reference).
Dr. Carl Windsor Field Chief Technology Officer Fortinet
Great news!
cheers :)
Hi Carl,
The new firmware (4.1) support purge user (auto/manual) but can we view the detail information at the event log (which user is been purged or disabled)..
Log 305 show me disabling the user manually (admin2 (changed fields = active)
Log 306 shows the manual purge and logs the user admin3 being deleted in log 321
Log 326 shows an automatic purge and the result being user carl being deleted in log 327
Dr. Carl Windsor Field Chief Technology Officer Fortinet
Hi Carl,
From the picture you share i can see the purge and deleted in order (log). If they is alot of multiple message in the logs, can we filter the logs with multiple keyword like purging and deleted.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1502 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.