Idea Details

Auto-Reconciliation of accidental/malicious account enabling in AD

Last activity 11-28-2018 12:39 AM
iiqbal_bchydro
04-18-2016 03:41 PM

Dear Community,

On account termination, we generally disable accounts (NOT delete) in endpoints, especially AD, due to different audit requirements. However, at some point in the future, it is possible that someone may accidentally or intentionally enable the user account and thereby open a security hole. In some IAM products, it is possible that IAM detects the possible change and thereby disables the account again. Is there any thought going around in the product management team to include this feature in the future? Also, this feature must be independent of Explore and Correlate because one would like to have the accounts disabled in real time rather than wait for Explore and Correlate to complete.
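
The behaviour requested above, as an added example that is not part of the original post and is not the product's own code: each directory change is checked against the list of terminated identities, and a terminated account seen enabled gets a re-disable action. The `Change` record shape, the account names and the sample data are constructed assumptions; `ACCOUNTDISABLE` (0x2) is the real `userAccountControl` flag, and writing the new value back to AD is left to the caller.

```python
from dataclasses import dataclass

ACCOUNTDISABLE = 0x0002  # userAccountControl bit that marks an AD account disabled


@dataclass(frozen=True)
class Change:
    """One directory change notification (constructed shape, not a product API)."""
    sam_account_name: str
    user_account_control: int
    changed_by: str


@dataclass(frozen=True)
class Remediation:
    account: str
    new_uac: int      # value to write back: all other flags kept, disable bit set
    enabled_by: str   # who made the change, for the audit trail


def reconcile(changes, terminated):
    """Return one re-disable action per terminated account left enabled."""
    terminated_keys = {name.casefold() for name in terminated}
    actions = {}
    for ch in changes:
        key = ch.sam_account_name.casefold()  # AD account names are case-insensitive
        if key not in terminated_keys:
            continue  # active identity: enabling it is legitimate
        if ch.user_account_control & ACCOUNTDISABLE:
            actions.pop(key, None)  # already disabled again, nothing to do
            continue
        actions[key] = Remediation(ch.sam_account_name,
                                   ch.user_account_control | ACCOUNTDISABLE,
                                   ch.changed_by)
    return list(actions.values())


# Constructed sample data: terminated identities and a short change stream.
TERMINATED = {"jdoe", "asmith"}
SAMPLE_CHANGES = [
    Change("JDoe", 0x0200, "helpdesk01"),    # terminated, re-enabled
    Change("bwong", 0x0200, "helpdesk01"),   # active employee, ignored
    Change("asmith", 0x0200, "admin7"),      # terminated, re-enabled...
    Change("asmith", 0x0202, "admin7"),      # ...then disabled again
    Change("jdoe", 0x10200, "helpdesk01"),   # still enabled, extra flag set
]

if __name__ == "__main__":
    for r in reconcile(SAMPLE_CHANGES, TERMINATED):
        print(f"re-disable {r.account}: userAccountControl={r.new_uac:#x} "
              f"(enabled by {r.enabled_by})")
```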


11-28-2018 12:39 AM

I have discussed with several CA architects and they say it can't be done via bulk tasks or px policies. A real-time synchronization is the ask here. Can you please elaborate on what you are trying to point to?

09-04-2018 10:42 AM

This can be verified in your version via bulk tasks and policy express policies. We will not be enhancing this capability further.