Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 3240 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SGN Enterpirse 8.0: lockdown user that hasn't connected in a while to Server

JoseCasanova

Hello Everybody,

is it possible to add an expiration date to keys, or to the user sign on, in order to lock somebody that hasn't connected to the Safeguard Server in an established period of time?

this will be for windows 8, 8.1 and 10. So the POA doesn't work.

Regards,

 

Jose



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hi Jose,

    It might be best to do this at user level rather than SafeGuard as I can imagine this is more of a general issue.

    There's a utility called "oldcmp" which may prove useful, however this is nothing to do with Sophos and is to be used at your own risk:

    http://www.joeware.net/freetools/tools/oldcmp/index.htm

    To gather a list of user accounts that have not logged on in the last 30 days the command would be:

    oldcmp -users -disable -age 30 -llts

    The -llts switch means to use the lastLogonTimeStamp attribute if the domain is at Windows Server 2003 functional level or above. Otherwise, the utility must use pwdLastSet, which is when the password was last set. Once you have what you need you can disable the users with:

    oldcmp -users -disable -age 30 -llts -unsafe -forreal

    Check the usage screen on that link as it has a good few examples.

Unfiltered HTML