RE: Disabling application/network accounts

["Murda Mcloud" <murdamcloud () bigpond com>]

Can't help you with the Best Practice part-depends on your situation, I
guess. 

But you can script this nicely with VBScript:

Use something like

objUser.AccountDisabled = FALSE
objUser.SetInfo


etc
You could even set it up to toggle between TRUE and FALSE using an IF THEN
ELSE loop.

Then put the usernames in a text file/excel sheet or something and you can
do a bunch at the same time.



> > -----Original Message-----
> > From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
> > On Behalf Of s0h0us () yahoo com
> > Sent: Wednesday, September 10, 2008 4:50 AM
> > To: security-basics () securityfocus com
> > Subject: Disabling application/network accounts
> >
> > Can anyone share their thoughts on disabling accounts for employees who
> > are out on extended vacations or medical leaves? what is considered "best
> > security practice", specifically in the financial industry? We have a
> > policy that requires accounts to be disabled for employees who will be
> > away from the company for 10 or more consecutive days.
> >
> > thanks in advance for your comments.