Deactivating a User

Introduction

Following network security best practices, it is often desireable to allow access to a user for only the time needed to perform a task. For example: an engineer may need to add a new network for a new facility, but that engineer does not usually need access to make such changes.
To accomodate this, a user may be deactivated after such tasks are complete.

Environment Prerequisites

The following tools will need to be installed.

Deactive a user

  1. Start the enfcli.
    You must log in with an _ADMINISTRATOR role.
    enfcli --host demo.xaptum.io --user <admin@somecompany.com>
    
  2. List the users and find the user to deactivate.
    > user list-users --network=2607:8f80:8080:b::/64
    
  3. Deactivate the user.
    > user deactivate-user --email=<johnqpublic@somecompany.com>
    
  4. Listing the users again will show that the user has been deativated
    > user list-users --network=2607:8f80:8080:b::/64
    +-----+----------------+-----------------------------+---------------------+----------------------+----------+
    | Id  | Name           | Username                    | Domain              | Last Login           | Status   |
    +-----+----------------+-----------------------------+---------------------+----------------------+----------+
    | 79  | Customer Admin | admin@somecompany.com       | 2607:8f80:8080::/48 | 2020-07-02T19:27:37Z | ACTIVE   |
    | 80  | John Q Public  | johnqpublic@somecompany.com | 2607:8f80:8080::/48 | 2020-06-30T21:25:27Z | INACTIVE |
    +-----+----------------+-----------------------------+---------------------+----------------------+----------+
    

Didn't find what you were looking for?

Contact us and we’ll get back to you as soon as possible.

Contact Us