Verify which Symantec DLP Enforce user accounts have been disabled or account is deleted
search cancel

Verify which Symantec DLP Enforce user accounts have been disabled or account is deleted

book

Article ID: 234617

calendar_today

Updated On:

Products

Data Loss Prevention Enterprise Suite

Issue/Introduction

How can you verify if a Symantec DLP user account status is disabled or account is deleted?

Environment

Symantec Data Loss Prevention 15.7
Symantec Data Loss Prevention 15.8

 

Resolution

The DLP Enforce Console does not have a report to show if a DLP user account has been disabled and it doesn't show deleted users at all.
To verify if the account is disabled, navigate to System > Login Management > DLP Users and select each DLP User Name individually.

 
The following command can be run against the database if you need a list of all disabled user accounts and deleted accounts
Note: run the command as the "Protect" user.

select name,datelockedout,isdeleted from protectuser where datelockedout is not null or isdeleted=1 order by isdeleted asc;