Inactive users

Question: How significant do you think this is?

Running RSUSR200
with 365 days since last login
no 'Users invalid today'
no 'Users with Initial password'

gave me a list of 299 user names
maybe a quarter are shown as locked (mainly by Administrator, a couple by incorrect login).

We've been running a couple of years and have about 6000 users.

If it's an issue, any suggestions on steps to take?

Answer:
Search OSS for program RSUSR200 there are 5 notes especially 660923
I have found many bugs in this report

Answer:
From a first glance at the names - I suspect that many are people who have left the organisation

Answer:
sorry that last post was from me as the originator of the question (forgot to re-enter username)

Answer:
Commenting on jacko, this report has been improoved and if you don't have the latest version you might want to import it.

If they are invalid then it is not a problem. If the users with initial login are valid that is a big deal. I don't think I need to explain why. Put a 10 day limit on initial logins. You can do that with a parameter, (if that works yet, check OSS those might not be supported yet) or you can just check it weekly.
Can you say.."low hanging fruit?"

_________________
Gary Morris
SAP Security Analyst/Developer
garymorris@sapsecurity.net

Answer:
The parameters for limiting validity of new and reset passwords do alreay work, however please take into account, that communication users are also affected. Problem is that resetting the passwords for these users doesn't work and the users in question need to be recreated..

Nice parameter, ... but we turned it off after having tried it out due to latter mentioned issues..

No comments:

topics