Locating deactivated accounts in PAM
Article ID: 230223
Updated On:
Products
Issue/Introduction
An e-mail, generated by PAM, advises that an account has been deactivated. The notice does not identify the account.
Environment
Any PAM environment
Resolution
Check Session Logs under Session / Session Logs and filter by Column "Details" and Value "deactivated". In a cluster only the node executing the deactivation will show the message(s). The message ID (PAM-CMN-0903 in the screenshot below) depends on the reason for deactivation.
Additional Information
If you are interested in a full list of PAM users that are inactive, you can export the user list by clicking on the Import/Export button on the Users > Manage Users page. Inactive users have column "Active Flag" set to "f" (false). The "Account Disabled Time" column will show at what time the account was disabled. This is a UNIX time stamp. You can use web pages such as EpochConverter to convert this into a human readable time stamp.
Attachments
Feedback
