We basically want to take advantage of 2 attributes, Login Time (which contains the last login time for the user) and Login Expiration Time, which prevent a user from login in once reached.

We want to monitor Login Time, and everytime it changes, update Login Expiration Time by setting it to Login Time + 1 year (or 31 536 000 seconds).

Click to view.

Figure 1: We need to open up the filter for the Null/Loopback driver for Login Time.

Click to view.

Figure 2: Simple rule to update Login Expiration time, using a GCV and XPATH.

Click to view.

Figure 3: GCV set to 1 year(in seconds).

Click to view.

Figure 4: Details for GCV.

Beware that you may want to restrict the scope to non-admin users. You will find the rule attached below for Subscriber Command Transform for the Null or Loopback Driver.

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.
Loading...
Categories: Uncategorized

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

Leave a Comment

  • NickyVermaak says:

    The newer versions of IDM has an “offset” functionality in the time convert function that will eliminate the requirement to calculate seconds, etc.

    Where the offset value is defined, just time the GCV name, starting and ending with a “~”, ~gcvname~. Remember to select the unit, minute, month, year, etc.

mbluteau
By: mbluteau
May 27, 2011
1:01 pm
Reads:
2,603
Score:
Unrated
Active Directory Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management Knowledge Depot LDAP Migrating from Windows XP or 2003 to SUSE Linux Monitoring Open Enterprise Server Passwords Reporting Secure Access Sentinel Supported Troubleshooting Workflow