A LONG time ago, I added a status of 'disabled' to the user form, and any time the status is set to disabled, I change the password on the account to $TIMESTAMP$....while not a 'random' value, the chances of the user being able to guess what their password on disable is..so.that's how I disable accounts..with 7.1 BMC itself added this status so I didn't hafta keep adding it each time I upgraded..but I still use the same process. That and the fact that our system integrates with AD for its authentication, makes it so that if for whatever reason I decide, that the user is disabled, they can't get in.
From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Jack Boespflug Sent: Tuesday, January 25, 2011 9:34 AM To: arslist@ARSLIST.ORG Subject: Re: Force Password Change On Login ** Thanks for the info. That brings up another question then, what indicates that the User record is disabled? Is it the Status field set to "Disabled", or some other field that I am not aware of? When the Status value is set to Disabled, the user can still login. Do I need to change my application code to also check this field? John Baker also suggested there is a field called "User account locked". I am not seeing this field on the User form. Does it exist somewhere else? I will probably need to direct these questions to BMC, but wanted to see if others have run into this. Thanks again for any info you have. Jack Boespflug Product Development Kinetic Data, Inc. "Building a Better Service Experience" Recipient of : WWRUG10 Best Customer Service/Support Award WWRUG09 Innovator of the Year Award On Tue, Jan 25, 2011 at 8:50 AM, LJ LongWing <lj.longw...@gmail.com> wrote: ** Jack, Unfortunately I do not believe that the pw management stuff is a server thing, I think the client and mid-tier were programmed to look at that information and take action.that being said, you would need to write your API program to do the same. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Jack Boespflug Sent: Monday, January 24, 2011 4:22 PM To: arslist@ARSLIST.ORG Subject: Force Password Change On Login ** AR Server version: 7.06.03 Build 001 Using the API, does the ARServerUser.login() method check if 'Force Password Change On Login' (field 124) is set before logging in the user, or is the program using the API responsible for checking that field? I didn't see anything mentioned in the API docs about changes to the login process, but the login method doesn't seem to care if this field is set or not, it logs the user in with the old password and allows the user to continue as if the old password is still valid. Thanks, Jack Boespflug Product Development Kinetic Data, Inc. "Building a Better Service Experience" Recipient of : WWRUG10 Best Customer Service/Support Award WWRUG09 Innovator of the Year Award _attend WWRUG11 www.wwrug.com ARSlist: "Where the Answers Are"_ _attend WWRUG11 www.wwrug.com ARSlist: "Where the Answers Are"_ _attend WWRUG11 www.wwrug.com ARSlist: "Where the Answers Are"_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are"