Skip to Content
avatar image
Former Member

How to track "Date of Last user Login" across all provisioned systems ?

We all know how hard it is to track old users - in particular ones that have left and termination paperwork has not been completed (users such as contractors, service technicians etc)

Anyone think of a way where IDM could track the date/time of last login to each system that it has provisioned that user to ?

Maybe a new field per system eg LASTLOGIN<ECPxxx> which I can then view along with the User ID Alias ACCOUNT<ECPxxx> field and see ;

  • Which Systems the user has a login to

  • Date / Time of last login to these systems

Yes, it can be done manually by logging in to each to the systems and running SUIM, but I would hopping for an elegant solution as part of the IDM process.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    Sep 03, 2010 at 07:11 AM

    Hi Phil,

    getting the last logon date is dependent on the system to which you are provisioning userids. For some systems you might not be able to retrieve the last logon date at all.

    We have implemented something like that in my previous project for Active Directory, because we needed to implement a custom password ageing functionality that disables accounts when the user does not change his password in time. For Active Directory you can check the lastLogon attribute or alternatively the accountExpires attribute.

    Best regards

    Holger

    Add comment
    10|10000 characters needed characters exceeded