Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
bb
New Contributor

account purging

Hi

Is it possible to delete an account from the FAC database that has been locked due to inactivity?

i.e. an account expires after one year from creation, however I need this removed if no user activity has been recorded for 30 days.

 

Thanks

B

13 REPLIES 13
Carl_Windsor_FTNT

You can enter multiple fields in the search term as shown:

 

 

 

Dr. Carl Windsor Field Chief Technology Officer Fortinet

hkloh

Hi Carl,

 

I try to search -> purging deleted, but the searching result is empty (0 log record).

The reason i search the two keywords because i need the purging user account information and deleted disabled information (as they are correlated) in a single view.

I notice that there is type id, is the id show related event (for example purging user then deleted user) only. Is there any other event will trigger the same id?

Carl_Windsor_FTNT

>I try to search -> purging deleted, but the searching result is empty (0 log record).

 

This is correct as the search is an implicit AND not OR i.e. your search will look for logs containing purging AND deleted.  Additional logic to search using OR is not currently supported.

 

There are other events which will trigger this ID.  Log Type 10003 is a general "Entry Deleted" log and can be triggered by deleting a user (manually) or a FortiToken for example.

 

If this is not adequate for your needs, please raise a feature request via your Fortinet Account Manager.

 

Dr. Carl Windsor Field Chief Technology Officer Fortinet

hkloh

thanks carl.....

Top Kudoed Authors