Maybe using their unique corporate id in the login name field, and using their Login in the special 'authentication alias' (I think that's what it's called) field on the user form (see docs) will be the best approach.
Then all your last modified by, used by relationships, assignee login id's etc, are all tied to the unique corporate id while they can login using their 'jjones' login name as specified in the authentication alias. That's the most workable approach I see, and would require a one time mass conversion. Sent from my BlackBerry device on the Rogers Wireless Network -----Original Message----- From: Jase Brandon <jasebran...@gmail.com> Sender: "Action Request System discussion list(ARSList)" <arslist@ARSLIST.ORG> Date: Mon, 8 Oct 2012 18:49:02 To: <arslist@ARSLIST.ORG> Reply-To: arslist@ARSLIST.ORG Subject: Re: Re-use Login ID in Remedy I said the same thing guys. Let me elaborate a tad. They use a unique id for their company (custom attribute on the People form) that allows internal identification based on their unique identifier attribute, so they clam this will be acceptable when it comes to audits, I also brought up the SarBox issues. What concerns me is that Incidents/Changes/CI's, etc will have last modified by "old guy" instead of "new guy". And... I haven't tried it yet, but I suspect the Data tool isn't going to do the trick as it relates to CI's. By "reuse login Id' I was referring to: Ex. Joe Jones leaves the company and has a Remedy login ID of "jjones". A new employee is hired, Judy Jones, and she is issued the old login id used for Joe Jones of "jjones". So if the new employee Judy Jones logs on as "jjones", does she suddenly inherit all the records previously owned/last updated by "jjones" as the original user of this id? Would she possibly see his Incidents/CI's, etc? I'm still trying to wrap my head around all this so pardon my rambling. :-) I've never had to deal with this issue in the past and wondered how the community handled this request or if anyone had ever had to deal with this issue before. 7.6.04 SP2 Windows Thanks, Jase On Mon, Oct 8, 2012 at 6:08 PM, Tauf Chowdhury <taufc...@gmail.com> wrote: > ** > To echo Chris, I hope you don't work for a public company because that has > to be against some sort of Sarbanes-Oxley regulation. > > Sent from my iPhone > > On Oct 8, 2012, at 4:11 PM, strauss <stra...@unt.edu> wrote: > > ** > > It is an incredibly bad security practice because it destroys any > accountability for identity management. It is akin to reusing the social > security numbers of deceased persons for newborns (try that analogy on > them). We do battle with our PeopleSoft drones over this regularly, but > it’s really a problem with them not having a unique index on the table for > workforce ids; the LDAP login names almost never get duplicated, and our AD > syncs to LDAP for that data. > > > > If you ever get a security audit, and they are reusing login ids in AD as > a standard practice, your organization will fail the audit (unless the > audit is by Arthur Andersen LLP). > > > > Christopher Strauss, Ph.D. > Call Tracking Administration Manager > University of North Texas Computing & IT Center > http://itsm.unt.edu/ > > *From:* Action Request System discussion list(ARSList) [ > mailto:arslist@ARSLIST.ORG <arslist@ARSLIST.ORG>] *On Behalf Of *Jase > Brandon > *Sent:* Monday, October 08, 2012 2:26 PM > *To:* arslist@ARSLIST.ORG > *Subject:* Re-use Login ID in Remedy > > > > ** Hello All, > I have been approached and asked about how we can re-use Login Id' and > I've never been asked to do this anywhere else. Of course my initial reply > was "We shouldn't Do That", but I need more of a justification as the > company reuses login ids via AD as a standard. > > Ive told them Login Id is associated with all things ITSM/CI's. I see this > being a recipe for disaster. Can anyone help me out with your thoughts on > this one please? Has anyone else done anything like this before? > > Thanks in Advance, > > Jase Brandon > _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ > _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ > > _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ > _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are" _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
