cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Level 7
Report Inappropriate Content
Message 1 of 8

How to remove default passwords for users after a certain period of time?

We use EEPC 5.25. We have certain number of support users added to all endpoints. They have for ex: Roger2010 as default password. How do we remove the ability for a support user to login to an encrypted device with default password after say 60 days or so?. Can we use script? If so can anybody suggest how to go about doing this?

7 Replies
Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 2 of 8

Re: How to remove default passwords for users after a certain period of time?

use the api command "showoldusers" then pipe that result into a move or delete user operation?

remember though, it's not whether the user has used "an" endpoint, it's whether the user has used ANY endpoint.

Highlighted

Re: How to remove default passwords for users after a certain period of time?

You force password change on first logon. I assume that each support user account is used only by one support person.

Highlighted
Level 7
Report Inappropriate Content
Message 4 of 8

Re: How to remove default passwords for users after a certain period of time?

Yes, I will try the ShowOldUsers command. However what happens in the below scenario?

Jsmith and Jbaker - the two support users cached in Laptop-A are picked up by Autodomain and assigned to the Machine property. Whereas LaptopB has Jbaker alone. The AutoDomain script picks up Jbaker and adds to the respective machine property. Jbaker has not logged in Laptop-A for 62 days.

So, what you're saying is that if I run ShowOldUsers older than 60 days and delete it, the script will not only delete Jbaker on Laptop-A, but also from Laptop-B right?

Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 5 of 8

Re: How to remove default passwords for users after a certain period of time?

it will delete the users out of EEM - Laptops will delete the users local account the next time the machine syncs.

Highlighted

Re: How to remove default passwords for users after a certain period of time?

Each user is distinct object but only one instance in EEM database. So user account shows activity REGARDLESS from which machine it comes from. Did you even look at user "Audit Log" in EEM, when user logs to multiple machines? If you did, then this behavior would be obvious.

So account would NOT be deleted from ANY machine, if it has been active for less than set number of days.

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 7 of 8

Re: How to remove default passwords for users after a certain period of time?

You actually can use the SBADMCL Changepassword option and set it to a different password.

So first show old users, than based on the output change those users passwords.

If you do it this way they will not be deleted from the database.

Highlighted
Level 7
Report Inappropriate Content
Message 8 of 8

Re: How to remove default passwords for users after a certain period of time?

Planning to run the showoldusers first and see what comes out of it and I will take it from there.

Thanks everybody

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community