What criteria are used to determine if inactive profiles are included in the Enabled Inactive Profil (NETIQKB53652)

  • 7753652
  • 02-Feb-2007
  • 18-May-2007

Resolution

goal
What criteria are used to determine if inactive profiles are included in the Enabled Inactive Profiles security check?

fact
NetIQ Security Solutions for iSeries 8.0

fact
NetIQ Vulnerability Manager 5.5

fact
VigilEnt Security Agent for iSeries 7.5

fact
NetIQ Vulnerability Manager 5.0

symptom
The Vulnerability Manager Enabled Inactive Profiles security check does not return all appropriate iSeries user profiles.

symptom
The Enabled Inactive Profiles security check does not display some inactive profiles.

fix

The Enabled Inactive Profiles security check queries all iSeries user profiles that meet the following criteria:

  • Have a status of *ENABLED
  • Have a password
  • Are not a Group Profile

The Enabled Inactive Profiles security check calculates the difference between the Previous Signon Date and current date. If the Previous Signon Date is blank, the security check uses the object?s Creation Date. The security check then compares the difference in days to the number of days specified in the security check, by default 60 days. If the difference is greater than the number of days specified for the security check, then the user profile is included in the report results.



Additional Information

Formerly known as NETIQKB53652