Project

General

Profile

News

Aged Password Detector Release - 03/23/2010

Added by Randy Reitz almost 9 years ago

- Issue #359: Revise the Aged Password detector to used the new Password_overdue view in SCCM.

Releasing this depends on the SCCM data that is being provided. As of 2010-03-18, here is the status of that piece:

STATUS UPDATE:

1. Clean up bad JoinedDomain00 data - JP done
2. Test the view Password overdue and verify all is functioning properly - JP done
3. Get Roger a list of machines still reporting in JoinedDomain00 as a date - JP done
4. Roger will update those machines scripts to send in JoinedDomain00 as seconds - RV pending
5. Set PWage00 and JoinedDomain00 to 0 in SCCM_DCM.dbo.Local_Account_Scan_DATA - JP done
6. Test the view Password overdue and verify all is functioning properly - JP/LC/RR done
7. Set PWage00 and JoinedDomain00 to 0 in SMS_CCS.dbo.Local_Account_Scan_DATA - JP done
8. The machines will then report in and update the PWage00 and JoinedDomain00 fields with proper seconds data - continuous
9. The data in SCCM_DCM will get refreshed at 1pm and 8pm and will contain proper seconds data via Reload SCCM_DCM.dbo.Local_Account_Scan_DATA job - JP 1st run successful
10. Test the view Password overdue and verify all is functioning properly - JP/LC/RR done
11. Remove logic that sets bad data to 0 in the loading job (Reload SCCM_DCM.dbo.Local_Account_Scan_DATA) - JP done but needs to be reinstated - still getting bad data
12. Remove check for JoinedDomain00 <> 0 - JP done but needs to be reinstated - still getting bad data
13. Test the view Password overdue and verify all is functioning properly - JP/LC/RR done but will fail next time the job runs unless I reinstate the checks for bad data.
14. Close request! - pending

Aged Password Detector

Added by James Fromm almost 9 years ago

The data being presented to the aged password detector is supplying an IP/MACID pair that at some point was valid, but may not be valid at the time reported. The SCCM data can not supply a timestamp, therefore the IP,MAC pair can not be trusted. We have modified the code so that in cases where we receive multiple IP,MAC pairs, we look up based on MACID to verify which IP should be correct.

This is a change in code to fix a deficiency in the SCCM data.

    (1-2/2)

    Also available in: Atom