Removing Inactive Administrator Accounts
The Advanced Security module allows you to disable or remove user accounts; however, administrator accounts can only be removed, not disabled. If you do not activate the ASM, this feature is disabled after the trial expires.
EFT executes cleanup procedures every day at 00:00:00 UTC and at service startup. This daily server cleanup removes/disables inactive administrators and user accounts and sends password reset and expiration notifications for every Site.
For Sites defined using the "strict security settings," EFT enables the option to disable or remove inactive accounts automatically, and warn if you attempt to disable that setting. The option to remove administrator accounts will be enabled by default, unless during the setup process you choose not to enable this option. EFT prompts administrators when they login advising them of the potential removal of their account if their login failed due to unknown login name. The removal of accounts is captured in the Auditing and Reporting database for reporting.
If a user attempts to log in remotely to EFT with an administrator username that does not exist or an incorrect password, a warning message appears in the administration interface.
To remove an administrator account
-
In the administration interface, connect to EFT and click the Server tab.
-
On the Server tab, click the Server node you want to configure, and then click the administration tab.
-
Click the administrator account that you want to delete, then click Remove. A warning prompt appears.
-
Click Yes, then click Apply.
To specify automatic deletion of inactive administrator accounts
-
In the administration interface, connect to EFT and click the Server tab.
-
On the Server tab, click the Server node you want to configure, and then click the administration tab.
-
Click an EFT-managed administrator account, then click Account Policy. The Account Security Settings dialog box appears.
-
Select the Remove administrator accounts after check box, then specify the number of days of inactivity after which to delete the account.
-
Click OK to close the dialog box.
-
Click Apply to save the changes on EFT.
A change in any date-sensitive value resets the calculations. For example, if this feature was configured for 60 days, and you change it to 90 days, the count resets to zero, so that any inactive account that has been inactive for 59 days and was set to be deleted tomorrow, will now not be considered inactive until 90 days from today.