|
|
|
An inactive user ID is a user ID that a user has not logged on in a specified amount of time. The AUTOEXP record determines the amount of time. The actual time over which a user has not logged on, or changed passwords, is tracked through its *LA=, *LL=, and *PW= special comments. CA VM:Secure provides a number of tools to help you identify and manage inactive user IDs.
Consider the following to manage inactive userids:
Doing so enables you to easily spot those user IDs that have not logged on in a while. For example, if you expire logon passwords after 90 days of inactivity, you can use the ULIST command to show the user IDs whose passwords are expired and when their passwords were last changed. A user ID whose password is expired and whose password was last changed 185 days ago has been inactive for a long time.
For CA VM:Director or CA VM:Secure without the Rules Facility installed, you can use an IPLDISK procedure to expire passwords automatically.
(CA VM:Secure only) You can use the Rules Facility or an IPLDISK procedure to expire passwords automatically.
For example, you can disable user IDs that have not logged on for four weeks. You can put on hold user IDs that have been inactive for at least four weeks, and if they remain inactive for the next six months, you may want to delete them.
Note: For information about the special comments, see the chapter Special Comment Reference.
| Copyright © 2011 CA. All rights reserved. | Tell Technical Publications how we can improve this information |