Skip to main content

Orphan / Inactive

Purpose: Lists:

  • Unclaimed accounts

  • Users without an associated account

  • Dormant accounts

  • Dormant profiles

    "Dormant accounts" are user objects on target systems where the user has not logged in for at least N days. This number is defined by the Show inactive accounts (days) search criteria. See below for details.

    "Dormant profiles" are user profiles in Bravura Security Fabric , containing one or more accounts, all of which are dormant.

Note

You should generate a full attribute listing before running this report for a target system. To do this, click Generate full list on the Target system information page, then run auto discovery.

Bravura Security Fabric only supports Microsoft Active Directory and Microsoft Windows server target systems for use with the Orphan / inactive report. This report only supports Active Directory target systems running on Microsoft Windows Server 2008 or newer.

Executable:orphan

Table 1. Orphan / Inactive report search criteria

Criteria

Description

Report type

Choose a report type from the drop-down list. The Orphan accounts (not attached to a profile) setting is selected by default.

  • Orphan accounts (not attached to a profile): Lists accounts that are not associated with any user’s profile ID.

  • Orphan profiles (have no accounts): lists profile IDs that do not have an associated account.

  • Inactive accounts (N days with no login): lists dormant accounts.

  • Inactive profiles (N days with no login): lists dormant user profiles.

Target system ID

To list unclaimed or inactive accounts for one or more target systems, type a comma-and-space-delimited list of target system IDs. Alternatively, you can search for one or more target systems. The search engine only returns results for manually added target systems, not for discovered systems.

This option is only displayed if Report type is set to Orphan accounts (not attached to a profile) or Inactive accounts (N days with no login) .

Account

Type a comma-and-space-delimited list of long IDs (not short IDs) that match the accounts you want to include in the report. Alternatively, you can search for one or more accounts.

This option is only displayed if Report type is set to Orphan accounts (not attached to a profile) , Inactive accounts (N days with no login) or Inactive profiles (N days with no login) .

User ID

Type the profile ID of the user for whom you want to generate the report. Alternatively, you can search for one or more profile IDs.

This option is only displayed if Report type is set to Orphan profiles (have no accounts), Inactive accounts (N days with no login) or Inactive profiles (N days with no login) .

User name

Type the full name of the user for whom you want to generate the report.

This option is only displayed if Report type is set to Orphan profiles (have no accounts), Inactive accounts (N days with no login) or Inactive profiles (N days with no login) .

Number of days with no login

Type a numeric value to only show accounts/profiles that have been dormant for the specified number of days.

This option is only displayed if Report type is set to Inactive accounts (N days with no login) or Inactive profiles (N days with no login) .

Discovered in the last N days

Type a numeric value to filter results based on how recently the account was discovered during auto-discovery. A value of zero will return all results.

This option is only displayed if Report type is set to Orphan accounts (not attached to a profile) .



In this section: