Managing inactive accounts
To manage inactive accounts
1 Select Security & Delegation | Inactive Accounts.
2
Configuring inactive users and computers
You can configure Active Administrator® to perform tasks based on how long a user account or computer has been inactive. Next, select the domains to monitor, configure organizational units or criteria to exclude areas from being monitored, and add email recipients to receive notifications of inactive accounts.
To configure inactive users and computers
1 Select Security & Delegation | Inactive Accounts.
2 Select Users & Computers, if necessary.
a By default, inactive user accounts are managed. To disable, clear the Manage Inactive Users check box.
c To create a report of inactive users, select Identify Inactive Users Only. You can select to exclude accounts with passwords set to never expire from the report. No other tasks are performed on the inactive accounts.Select Perform the Following Actions to perform the selected tasks on the inactive accounts.
Table 23. Actions for inactive accounts
By default, inactive accounts are purged after 30 days of inactivity. You can set up a schedule, send notifications, and prevent specific users from being deleted. See Purging stale accounts.
By default, the user account is disabled once it has met the inactive user account requirement.
Select to run a program or script. Type a path or browse to locate the program or script to run.
Type arguments, or browse to build arguments by selecting parameters from a list.
To insert a selected parameter from the list, double-click the parameter or click Insert. The parameter is inserted at the location of the cursor.
Type /dom:, double-click %DOMAIN%; or select %DOMAIN%, and click Insert. Repeat for additional parameters.
/dom:%DOMAIN% /t:%TYPE% /sid:%SID%
3 Click OK.
a By default, the selected tasks are performed on inactive computers. To disable the feature, clear the Managed Inactive Computers check box.
c Select Identify Inactive Computers Only to include inactive computers on the preview report only. No other tasks are performed on the inactive account.Select Perform the Following Actions to perform the selected tasks on the inactive account.
Table 24. Actions for inactive computers
By default, inactive accounts are purged after 30 days of inactivity. You can set up a schedule, send notifications, and prevent specific computers from being deleted. See Purging stale accounts.
By default, the computer account is disabled once it has met the inactive account requirement.
Select to run a program or script. Type a path or browse to locate a program or script to run.
Type arguments, or browse to build arguments by selecting parameters from a list.
To insert a selected parameter from the list, double-click the parameter or click Insert. The parameter is inserted at the location of the cursor.
Type /dom:, double-click %DOMAIN%; or select %DOMAIN%, and click Insert. Repeat for additional parameters.
/dom:%DOMAIN% /t:%TYPE% /sid:%SID%
3 Click OK.
a Click Domains.
b
a Click Exclusions.
b Click Add.
NOTE: To reload the list of OUs, click Refresh. All selections are cleared and any newly added OUs appear in the list.To exclude organizational units
a Select Exclude Organizational Unit.
b Click Add.
d Click OK.
a Select Exclude Users and Groups.
b Click Add.
d Click OK.
a
e Click OK.
a Click Notifications.
b
c Select to include either both inactive user and computer accounts or just one type by clearing or enabling the Users and Computers check box.To sort the contents by a column, click the column header.
10 To setup a schedule for email notifications, select Users and Computers, click Set Schedule, select how often to send the email, the time zone, and start time, and click OK.
11 Click Save.
Checking for inactive users and computers
You also can create a schedule to check for inactive users and computers. See Configuring inactive users and computers.
To check for inactive users and computers
1 Select Security & Delegation | Inactive Accounts.
2
3 Click Run Now.
4 Click Yes.
5
Viewing inactive users and computers history
To view inactive users and computers history
1 Select Security & Delegation | Inactive Accounts.
2 Click History.
3 From the History Source list, select the live database or an archive database.
4 Click Go.
The Archives column lists all the past occurrences when the selected domain was checked for inactive users and computers.
▪
▪ To remove the filter, click Clear Filter.
▪ The Users area lists the inactive users discovered during the selected archive run.
▪ The Computers area lists the inactive computers discovered during the selected archive run.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center