]0==u89h m,,.Hoik; From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of subash kaki Sent: Tuesday, October 09, 2012 4:27 PM To: arslist@ARSLIST.ORG Subject: Re: Re-use Login ID in Remedy
** UNSUBscrive ________________________________ From: Misi Mladoniczky <m...@rrr.se> To: arslist@ARSLIST.ORG Sent: Tuesday, October 9, 2012 1:57 PM Subject: Re: Re-use Login ID in Remedy Hi, RRR|LoginConv can change Modified-By/Submitter/Status-History.USER/Diary-entries etc from the original login name to something else. It will munch through all records of all forms an do the necessary updates. https://www.rrr.se/cgi/tools/main#rrrLoginConv I don't know how soon the login names will be reused, but one way would be to do one RRR|LoginConv run each month, cycling all retired accounts in one run. Best Regards - Misi, RRR AB, http://www.rrr.se (ARSList MVP 2011) Products from RRR Scandinavia (Best R.O.I. Award at WWRUG10/11): * RRR|License - Not enough Remedy licenses? Save money by optimizing. * RRR|Log - Performance issues or elusive bugs? Analyze your Remedy logs. Find these products, and many free tools and utilities, at http://rrr.se. > I said the same thing guys. Let me elaborate a tad. They use a unique id > for their company (custom attribute on the People form) that allows > internal identification based on their unique identifier attribute, so > they > clam this will be acceptable when it comes to audits, I also brought up > the > SarBox issues. > What concerns me is that Incidents/Changes/CI's, etc will have last > modified by "old guy" instead of "new guy". And... I haven't tried it yet, > but I suspect the Data tool isn't going to do the trick as it relates to > CI's. > > By "reuse login Id' I was referring to: Ex. Joe Jones leaves the company > and has a Remedy login ID of "jjones". A new employee is hired, Judy > Jones, > and she is issued the old login id used for Joe Jones of "jjones". > So if the new employee Judy Jones logs on as "jjones", does she suddenly > inherit all the records previously owned/last updated by "jjones" as the > original user of this id? Would she possibly see his Incidents/CI's, etc? > I'm still trying to wrap my head around all this so pardon my rambling. > :-) > > I've never had to deal with this issue in the past and wondered how the > community handled this request or if anyone had ever had to deal with this > issue before. > > 7.6.04 SP2 > Windows > > Thanks, > > Jase > > > On Mon, Oct 8, 2012 at 6:08 PM, Tauf Chowdhury > <taufc...@gmail.com<mailto:taufc...@gmail.com>> wrote: > >> ** >> To echo Chris, I hope you don't work for a public company because that >> has >> to be against some sort of Sarbanes-Oxley regulation. >> >> Sent from my iPhone >> >> On Oct 8, 2012, at 4:11 PM, strauss >> <stra...@unt.edu<mailto:stra...@unt.edu>> wrote: >> >> ** >> >> It is an incredibly bad security practice because it destroys any >> accountability for identity management. It is akin to reusing the >> social >> security numbers of deceased persons for newborns (try that analogy on >> them). We do battle with our PeopleSoft drones over this regularly, but >> it’s really a problem with them not having a unique index on the table >> for >> workforce ids; the LDAP login names almost never get duplicated, and our >> AD >> syncs to LDAP for that data. >> >> >> >> If you ever get a security audit, and they are reusing login ids in AD >> as >> a standard practice, your organization will fail the audit (unless the >> audit is by Arthur Andersen LLP). >> >> >> >> Christopher Strauss, Ph.D. >> Call Tracking Administration Manager >> University of North Texas Computing & IT Center >> http://itsm.unt.edu/ >> >> *From:* Action Request System discussion list(ARSList) [ >> mailto:arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> >> <arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG>>] *On Behalf Of *Jase >> Brandon >> *Sent:* Monday, October 08, 2012 2:26 PM >> *To:* arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> >> *Subject:* Re-use Login ID in Remedy >> >> >> >> ** Hello All, >> I have been approached and asked about how we can re-use Login Id' and >> I've never been asked to do this anywhere else. Of course my initial >> reply >> was "We shouldn't Do That", but I need more of a justification as the >> company reuses login ids via AD as a standard. >> >> Ive told them Login Id is associated with all things ITSM/CI's. I see >> this >> being a recipe for disaster. Can anyone help me out with your thoughts >> on >> this one please? Has anyone else done anything like this before? >> >> Thanks in Advance, >> >> Jase Brandon >> _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ >> _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ >> >> _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ >> > > _______________________________________________________________________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org > attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are" > _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are" _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"