Click HERE to see how Saviynt Intelligence is transforming the industry. |
05/27/2024 05:12 AM
Hi Everyone,
We have a customer requirement where we need to follow 30/60/90 days policy for the inactive accounts
Inactive accounts: When the last logon date is > 30 days, the AD account should be disabled(Can be achieved).
After 60 days of being disabled, the account should be moved to a different OU and update description.(Question is, how the update account task will be triggered when the account is already inactive)
After 90 days of moving the account to termed OU, the account should be deleted(How this can be achieved for the inactive accounts)
Any insights would be helpful
05/27/2024 05:29 AM
For triggering updates for the account even after account disablement, enable the below config in the Global config page
For deleting disabled accounts, use the removeaccountjson for hard delete. (and disableaccountjson for soft delete)
Remove Account tasks get created for disabled/inactive accounts.
05/27/2024 08:29 AM
Did you tried using actionable analytics