On the “Habitat AD Passwords Expired” module, is there a way to add a toggleable page that can display all accounts set to “do not expire”? I’m asking because we keep encountering situations where accounts are set not to expire, which goes against our security policy for our customers. We need to be able to quickly and easily identify any users configured this way for remediation. Ideally, this could be implemented within the “AD Passwords Expired” module by adding a toggle to switch between expiring users and a list of “Do not expire” users. You could also add a fifth line and box under “Users with password limits” for “Users WITHOUT password Limits” to show the number of these accounts, along with a toggle button to view that list. This way, we can open Habitat during an audit and quickly check for these users without having to access each server or run scripts.
What do you think? I believe this would be a valuable feature addition to Habitat within the existing “Habitat AD Passwords Expired” module.
Feature request for showing "Do not expire" users
Re: Feature request for showing "Do not expire" users
Let me look into that, Currently we do not collect users that do not have expirable passwords so we would be to adjust the collector to capture all accounts and a status type to denote the differences between user acc ount types. (Expirable versis Non-Expriable).
Give me a couple of days to review code base and see whats needed to add this request.
Give me a couple of days to review code base and see whats needed to add this request.
Re: Feature request for showing "Do not expire" users
Just an update, Im about to release Habitat 1.0.1.64 which will have the first redition of the new Expiry tool that will include seeing all domain admins in their own list and users who have pass does not expire or can not change passwords in their own list.
Screenshots to follow.
Screenshots to follow.
Re: Feature request for showing "Do not expire" users
Here is the new documentation post for the updated Expiry tool
viewtopic.php?t=6610
Habitat should auto update is set to, tonight with build 1.0.1.64. you can also download it from the plugins4automate web site. Log in with the account that subscribes to Habitat for the latest download URL.
viewtopic.php?t=6610
Habitat should auto update is set to, tonight with build 1.0.1.64. you can also download it from the plugins4automate web site. Log in with the account that subscribes to Habitat for the latest download URL.
Re: Feature request for showing "Do not expire" users
This looks great. That's a huge help in seeing which accounts are misconfigured and therefore aren't using the proper password expirations. The additional details and the admins are also an added benefit, so thanks for all that.
However, it seems there may be a glitch in the calculation, as it's tracking the time since the passwords were last changed instead of their expiration date. Therefore, all accounts are highlighted and in the negative since their last password change, and not based on the number of days remaining or the duration of their expiration. Probably just a minor oversight, but overall, the added changes are fantastic.
Much appreciated.
However, it seems there may be a glitch in the calculation, as it's tracking the time since the passwords were last changed instead of their expiration date. Therefore, all accounts are highlighted and in the negative since their last password change, and not based on the number of days remaining or the duration of their expiration. Probably just a minor oversight, but overall, the added changes are fantastic.
Much appreciated.