{"id":28597,"date":"2024-09-19T08:58:38","date_gmt":"2024-09-19T12:58:38","guid":{"rendered":"https:\/\/michigan.it.umich.edu\/news\/?p=28597"},"modified":"2024-09-18T15:37:39","modified_gmt":"2024-09-18T19:37:39","slug":"its-to-disable-inactive-active-directory-umroot-accounts-daily","status":"publish","type":"post","link":"https:\/\/michigan.it.umich.edu\/news\/2024\/09\/19\/its-to-disable-inactive-active-directory-umroot-accounts-daily\/","title":{"rendered":"ITS to Disable Inactive Active Directory (UMROOT) Accounts Daily"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">ITS and the U-M security community share the important responsibility of securing U-M\u2019s digital assets. Protecting credentials in accordance with the <a href=\"https:\/\/it.umich.edu\/information-technology-policies\/general-policies\/DS-22\">Access, Authorization, and Authentication Management (DS-22)<\/a> standard is an essential component of that effort. ITS Identity and Access Management (IAM) is working to enhance the security of Active Directory (UMROOT)&nbsp; over multiple phases. Each unit that uses the UMROOT environment will be engaged in order to implement changes and align their practices with new expectations.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The current step in this effort is to implement<strong> new daily, automated disabling procedures for inactive AD (UMROOT) accounts.&nbsp;<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Beginning <\/strong><strong>October 9,<\/strong><strong> 2024, on a daily basis &#8211; <\/strong>UMROOT accounts that have not been logged into for 90 days will be considered inactive and automatically disabled.&nbsp;<\/li>\n\n\n\n<li><strong>Beginning <\/strong><strong>November 8,<\/strong><strong> 2024, on a daily basis &#8211; <\/strong>UMROOT accounts that are disabled and have not been logged into for 120 days will be deleted.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Note:<\/strong> Uniqname accounts in UMROOT will not be affected by these procedures.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>IAM Support for Units<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">To facilitate units\u2019 adjustment to the automated, daily disabling of inactive accounts, IAM is:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Sending email communications to those responsible for Active Directory (AD) account management beginning regarding the implementation of the new procedures.<\/li>\n\n\n\n<li>Maintaining information on the <a href=\"https:\/\/its.umich.edu\/accounts-access\/active-directory\/account-management-updates\">Active Directory (UMROOT) Improvements<\/a> page, including a link to key information, dates and instructions.<\/li>\n\n\n\n<li>Holding Active Directory Office Hours to answer questions. Refer to the <a href=\"https:\/\/its.umich.edu\/accounts-access\/active-directory\/account-management-updates\">Active Directory (UMROOT) Improvements<\/a> page for dates\/times.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">If unit IT staff have questions or concerns, they can reach out to <a href=\"https:\/\/mcommunity.umich.edu\/person\/cozadk\">Kyle Cozad<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>ITS will begin disabling inactive Active Directory (UMROOT) accounts on a daily basis beginning October 9, 2024, as part of an ongoing effort to protect credentials in accordance with the Access, Authorization, and Authentication Management (DS-22) standard.<\/p>\n","protected":false},"author":194,"featured_media":28598,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","_umich_oidc_access":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_ef_editorial_meta_date_first-draft-date":"","_ef_editorial_meta_paragraph_assignment":"","_ef_editorial_meta_checkbox_needs-photo":"","_ef_editorial_meta_number_word-count":"","footnotes":""},"categories":[27],"tags":[488,940,1105],"class_list":["post-28597","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-safe-computing","tag-cybersecurity","tag-information-assurance","tag-umroot"],"uagb_featured_image_src":{"full":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2024\/09\/AD-Account-Disabling_MPHOTO-Stock_SpringCampus_013-Bridget-Weise-Knyal.png",1080,720,false],"thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2024\/09\/AD-Account-Disabling_MPHOTO-Stock_SpringCampus_013-Bridget-Weise-Knyal-400x266.png",400,266,true],"medium":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2024\/09\/AD-Account-Disabling_MPHOTO-Stock_SpringCampus_013-Bridget-Weise-Knyal-300x200.png",300,200,true],"medium_large":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2024\/09\/AD-Account-Disabling_MPHOTO-Stock_SpringCampus_013-Bridget-Weise-Knyal-768x512.png",665,443,true],"large":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2024\/09\/AD-Account-Disabling_MPHOTO-Stock_SpringCampus_013-Bridget-Weise-Knyal-600x400.png",600,400,true],"1536x1536":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2024\/09\/AD-Account-Disabling_MPHOTO-Stock_SpringCampus_013-Bridget-Weise-Knyal.png",1080,720,false],"2048x2048":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2024\/09\/AD-Account-Disabling_MPHOTO-Stock_SpringCampus_013-Bridget-Weise-Knyal.png",1080,720,false],"excerpt-thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2024\/09\/AD-Account-Disabling_MPHOTO-Stock_SpringCampus_013-Bridget-Weise-Knyal-200x140.png",200,140,true],"themonic-thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2024\/09\/AD-Account-Disabling_MPHOTO-Stock_SpringCampus_013-Bridget-Weise-Knyal-60x42.png",60,42,true],"ioslider-thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2024\/09\/AD-Account-Disabling_MPHOTO-Stock_SpringCampus_013-Bridget-Weise-Knyal-658x300.png",658,300,true],"post-thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2024\/09\/AD-Account-Disabling_MPHOTO-Stock_SpringCampus_013-Bridget-Weise-Knyal-665x443.png",665,443,true],"400x250-crop":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2024\/09\/AD-Account-Disabling_MPHOTO-Stock_SpringCampus_013-Bridget-Weise-Knyal-400x250.png",400,250,true]},"uagb_author_info":{"display_name":"Bridget Weise Knyal, ITS Privacy Office","author_link":"https:\/\/michigan.it.umich.edu\/news\/author\/bweise\/"},"uagb_comment_info":0,"uagb_excerpt":"ITS will begin disabling inactive Active Directory (UMROOT) accounts on a daily basis beginning October 9, 2024, as part of an ongoing effort to protect credentials in accordance with the Access, Authorization, and Authentication Management (DS-22) standard.","_links":{"self":[{"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/posts\/28597","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/users\/194"}],"replies":[{"embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/comments?post=28597"}],"version-history":[{"count":2,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/posts\/28597\/revisions"}],"predecessor-version":[{"id":28607,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/posts\/28597\/revisions\/28607"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/media\/28598"}],"wp:attachment":[{"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/media?parent=28597"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/categories?post=28597"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/tags?post=28597"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}