Unlock All or Lock All User Accounts in IDM

This entry was posted by on .

How to Enable and Disable User Accounts for Duration to Achieve Better Security

Let us assume there is an employee who has access to critical systems and applications,  but now he is going on leave for 10 days.

lock_unlock_user_accounts_for duration

For all ten days all the user accounts and access levels are enabled for this employee, so there is a chance of risk of unathorized access. Anyone can misuse these access rights / levels as the employee is on leave.

The IDM provides a solution which will automatically disables / locks / scrambles the password for these ten days and the application will automatically Enable / Unlock all the accounts once employee returns from Leave.

How it Works

  • Employees apply for leave in LMS / HRMS with Leave From Date, To Date and send for approval
  • The LMS / HRMS leave request is send to their manger for approval
  • IDM Application will sync (recon jobs) on a daily basis with LMS / HRMS, it will check whether there are any updates, and the IDM application will identify the users who are on leave and the leave approval status
  • Here the System checks for From Date, To Date with Current Date and mainly the Approval Status, if the approval status is not approved then system will ignore the entry as the leave is not approved
  • If the leave is approved, then the IDM application will automatically generate Disable / Lock requests (With Approval/Without Approval based upon the Work flow configurations)
  • Once the request is approved, all the user accounts & access levels for the specified user will be Locked/Disabled. The System will automatically Enable / Unlock the all the user accounts and access levels once the employee has returned from leave
  • Let say employee needs to leave on an Emergency
  • In this case system will provide the option to Disable/Lock all the accounts from the User Management Portal
  • Here the Admin/Manager selects the employee and select the option: Disable all accounts and specifies From Date and To Date