Recent Control & Safety Systems Discussions
Similar Posts
DeltaV User Manager User Locks
server busy when creating a new user in deltav user manager
User Manager & DeltaV Operate Configure
The current DeltaV user is not configured in AMS Device Manager.
DeltaV user manager groups access from custom application
Share

DeltaV User Management

Is it possible to automatically disable DeltaV Users if they have not logged on for a period of time?

I have a range of versions of DeltaV to manage 9.3.1 - 12.3.1 and Operations are not very good at advising of Users who no longer require access.

I would like to be able to configure the systems so that any user who has not logged on for 4 weeks (as an example) would automatically be disabled.

I've had a look through BoL but not found anything.

Roddyc

5 Replies

  • Andre Dicaire
    the DeltaV Users require an active Windows account to logon. The user Password and Computer level access privileges are based on the Windows account. DeltaV Logon uses the Windows user credentials, including password during validation.

    Preventing an inactive user from logging on would be something you would do via Windows Security. The User would still appear in the DeltaV Logon list, but without a Windows account to validate against, they would be unable to log on. failed logon attempts with DeltaV Logon will be logged in the DeltaV Event database.

    To remove the user from the list, you would need to do that manually in DeltaV User manager. There is no automatic removal of users.

    Note that you can have a DeltaV User defined in DeltaV User Manager with no Windows account attached. The two are somewhat separate.

    Andre Dicaire

  • Roddyc

    In reply to Andre Dicaire:

    Thanks Andre. That clears things up a bit for me. I'll dig into our Windows config and see what we have available, but given the age of some of these even the old windows config may struggle.
    Roddy
  • Matt Stoner

    In reply to Roddyc:

    If you by chance are on a domain and not a workgroup, it might be possible. Here is one post on the subject:

    blog.netwrix.com/.../
  • Alexandre Peixoto

    In reply to Roddyc:

    Roddyc,

    if your list of users is long and you'd rather query the system for inactive accounts, you can do so by using Windows scripts such as 'dsquery' and then based on specific criteria (say inactivity greater than 120 days) you can disable the Windows account which would prevent those users to log in. I would not encourage doing this with any administrative account though - although one could argue that an admin that is not logging in to a system he/she manages for more than 4 months, is not really managing the system any more, but...

    Another way of achieving similar function is to set the passwords to expire within a shorter period of time. This option is more intrusive as it'll impact both inactive and active users, but it can be dealt with Group Policies rather than scripts.

    You may want to reach out to Emerson's support team for help on how to configure these alternatives.
  • Roddyc

    In reply to Alexandre Peixoto:

    Thanks All for the replies. I had forgot to mention that all our systems are domains which is why I was thinking there would be something possible. I'm moving to the idea of the Password expiry as a preferred method as this seems to be more native than disabling. In fact we already have a password expiry but perhaps require to shorten the timeout.

This is the official online community site of the Emerson Global Users Exchange, a forum for the free exchange of non-proprietary information among the global user community of all Emerson Automation Solution's products and services. Our goal is to improve the efficiency and use of automation systems and solutions employed at members’ facilities by sharing our knowledge, experiences, and application information.

User Groups | World Areas | Community Guidelines | Legal Information | Privacy Policy | Contact Community Manager

Website translation provided by Website Translator

© 2015-2022 Emerson Global Users Exchange. All rights reserved.