If an environment is re-using logins in general - how sensitive can the data from one jdoe to the next be? Guess It's just the hillbilly in me that doesn't have an appreciation for all this hidden data stuff.
----- Original Message ----- From: "David Durling" <durl...@uga.edu> To: arslist@ARSLIST.ORG Sent: Friday, June 29, 2012 10:07:11 AM Subject: Re: 7.6.04 - Question about re-using Login Id's I understand, this is a lot of effort we're talking about; not sure I really want to do it. But it's not necessarily a minor issue if "jdoe" had access to semi-sensitive or at least personally-related info, leaves employment, then a year later another "jdoe" comes on board and inadvertently gains access to info they shouldn't see. On the other hand, perhaps this minor risk is worth it - just something I have to determine locally. David > -----Original Message----- > From: Action Request System discussion list(ARSList) > [mailto:arslist@ARSLIST.ORG] On Behalf Of pritch > Sent: Friday, June 29, 2012 9:54 AM > To: arslist@ARSLIST.ORG > Subject: Re: 7.6.04 - Question about re-using Login Id's > > I've never been a fan of changing data after the fact - the new person would > most likely have a different PPL record number and the actual name may also > be a bit different (different middle initial, etc). Most of the ticket info > has > names as well as login ID. > > I think we spend way too much time worrying about minor items and trying > to devise elaborate work arounds - my response to the folks asking the > questions is 'deal with it, there's more important things to worry about'. > > ----- Original Message ----- > From: "Misi Mladoniczky" <m...@rrr.se> > To: arslist@ARSLIST.ORG > Sent: Friday, June 29, 2012 9:42:39 AM > Subject: Re: 7.6.04 - Question about re-using Login Id's > > Hi, > > Maybe you can use RRR|LoginConv, which is a tool that we give away for > free: > https://www.rrr.se/cgi/tools/main#rrrLoginConv > > It can walk through every record of your system, and replace the old login > name with a new one. It even handles Status-History, Diary-fields and row- > level access control where you have specified login names in the 112/60xxx > fields. > > When you are removing a login name, change it from "peter" to "x1peter" or > something like that. In this way you can keep all historical data and still > reuse > a login name. > > Best Regards - Misi, RRR AB, http://www.rrr.se (ARSList MVP 2011) > > Products from RRR Scandinavia (Best R.O.I. Award at WWRUG10/11): > * RRR|License - Not enough Remedy licenses? Save money by optimizing. > * RRR|Log - Performance issues or elusive bugs? Analyze your Remedy logs. > Find these products, and many free tools and utilities, at http://rrr.se. > > > This has bothered me for a while: What do to if one is using AREA > > against a system that re-users usernames, and you want the Remedy > > username to match the external one, but then there is the potential > > for the problems mentioned below. > > > > There is a unique id for each account in the external system, of > > course - but not sure how I could leverage that. Any bright ideas? I > > suppose I could store the unique id in Remedy and do an ARDBC lookup > > after every login (would maybe have to set up an init-form to trigger > > the workflow on > > login) to see if it matches. If it doesn't match, create a new record > > & retire the old, and use this record to stamp this unique id on any > > requests created by the user. But then how to allow-disallow access to > > the records? Not sure it's workable. Does anyone have a good way to > > handle this? > > > > David Durling > > University of Georgia > > > > > > From: Action Request System discussion list(ARSList) > > [mailto:arslist@ARSLIST.ORG] On Behalf Of Joe Martin D'Souza > > Sent: Monday, June 25, 2012 3:17 PM > > To: arslist@ARSLIST.ORG > > Subject: Re: 7.6.04 - Question about re-using Login Id's > > > > ** > > It would not be a EULA violation - as long as its not 2 physical > > individuals using the same ID at the same time, they are not breaking > > any EULA... > > > > However for reasons mentioned in the original post itself, this is a > > bad idea. Yes you will see all records since a lot within the system > > is referenced by the Login ID. Remedy does not have any other unique > > identifier that is actually used within searches to separate one login > > ID from the other in the event that you have two login ID's with the > > same value, one of which is retired and the other active.. > > > > So bottom-line, if a match is found, rename the new ID that needs to > > be created to something slightly different. > > > > Joe > > > > From: patrick zandi<mailto:remedy...@gmail.com> > > Sent: Monday, June 25, 2012 3:07 PM > > Newsgroups: public.remedy.arsystem.general > > To: arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> > > Subject: Re: 7.6.04 - Question about re-using Login Id's > > > > ** Might be a EULA violation as well.. May want to check on that.. > > License violation. > > > > On Mon, Jun 25, 2012 at 3:04 PM, David M. Clark > > <david.m.cl...@tn.gov<mailto:david.m.cl...@tn.gov>> wrote: > > ** > > Confirmed. Don't do that. For all the reasons you mention and more. > > > > ________________________________ > > From: Action Request System discussion list(ARSList) > > [mailto:arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG>] On Behalf Of > > Jase Brandon > > Sent: Monday, June 25, 2012 1:49 PM > > To: arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> > > Subject: 7.6.04 - Question about re-using Login Id's > > > > ** Hello All, > > What is the general consensus regarding re use of login id's? > > My concern is this = Login ID "User1" is used by an employee for 6 months. > > That employee leaves the company. Someone new gets hired, in a new > > support group, and our support center then reuses "User1" as a login > > id. Now if an auditor queries for all data modified by 'last update > > user' = "User1", they are going to get everything from both users who > > shared a login id, different data, different support groups, basically > > a mess - right? I seem to remember having the "don't re-use login > > id's" discussion in the past and the answer was "don't do that" - thoughts > anyone? > > > > Thanks, > > > > Jase > > > > -- > > Patrick Zandi > > _attend WWRUG12 www.wwrug.com<http://www.wwrug.com> ARSlist: > "Where > > the Answers Are"_ > > > > > __________________________________________________________ > ____________ > > _________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org > > attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are" > > > > __________________________________________________________ > _____________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 > www.wwrug12.com ARSList: "Where the Answers Are" > > __________________________________________________________ > _____________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 > www.wwrug12.com ARSList: "Where the Answers Are" _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are" _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
