The joBot Account Check reports enhance security by notifying administrators of potential user account issues before they occur, such as expiring or inactive accounts. Use Account Check with rDirectory to ensure that vital user attributes are recorded in the directory.
Account Expiration Notification
The Account Expiration Notification job helps administrators save time by reporting not only on accounts that are scheduled to expire, but also on those that have already expired.
Account Last Logon Report
The date and time a user last logged onto their account is typically hard to generate because the information is not replicated. joBot contacts each domain controller to verify the last time a user logged in and reports on the latest value.
Accounts Without Manager Report
This report allows administrators to view the user accounts whose Manager attribute is empty. Assigning a manager to a user assists administrators by allowing them to delegate certain tasks to managers. For example, the ability to reset the password of a direct report or edit the job description for a position within the department.
Clear Attribute Action
This job will clear the contents of a specified attribute for user accounts. You can then send an email notification to a specified account indicating that the attribute value has been cleared, and/or produce a report on accounts that have had this attribute value cleared.
Dial-In Status Report
It is important to ensure that users who are permitted remote access via dial-in or VPN are current on all updates and anti-virus software. The Dial-In Status Report lists which users are permitted and which are denied remote access so administrators can ensure that critical security updates are in place.
Disabled Account Report
User accounts are often retained for several reasons: pending legal action, historical data, to retain the ability to reactivate an account, or the ability to log in as a particular user and access resources associated with that user. This report provides a list of all such disabled accounts.
Empty Attribute Notification
This job allows administrators to view the empty attributes of a user’s account properties. Using this report in conjunction with Namescape’s rDirectory or myPassword, ensures administrators that vital information is recorded in the directory.
Inactive Account Notification
This report ensures security by alerting on accounts that have not been accessed for a specified period of time (such as accounts that were disabled improperly or created, but never used), allowing administrators to evaluate and/or delete accounts that are no longer required.
Logon Script Status Report
This report lists those users whose accounts automatically run a script (for example; load a software update) at logon.
Recently Created Accounts Report
This report provides a list of all user accounts that were created within a specified time period and can be useful for administrators and Human Resources to confirm that all new employees have been correctly added to the company roster.
Recently Deleted Accounts Report
The period of time that a copy of a deleted object is retained in Active Directory is referred to as the object's Tombstone date. The Recently Disabled Accounts report lists deleted accounts whose tombstone dates have not yet expired, allowing administrators to re-animate a user account that may have been accidentally deleted or for a user who has been re-hired.
Recently Locked Accounts Report
A user’s account is locked due to multiple incorrect password entries, for example repeatedly entering the password with the CAPS LOCK on. The date and time the lockout occurred is time stamped. The user now has two options for logging on:
- Call an administrator and have the account unlocked (deletes the time stamp)
- Attempt to logon again after a specified time period elapses, determined by IT, (time stamp preserved)
The Recently Locked Accounts Report lists those accounts where the user logged on by waiting for the time stamp to expire, which could indicate to an administrator that someone other than the user is attempting to access the account by trying different passwords.