I haven't really looked into this too deeply, but my gut feeling would be that this overwrites the password so that the original password hash will no longer work. That's how the accounts are disabled, so it'd make sense.
-David J. Easter Sr. Product Manager, Solution Strategy and Development BMC Software, Inc. The opinions, statements, and/or suggested courses of action expressed in this E-mail do not necessarily reflect those of BMC Software, Inc. My voluntary participation in this forum is not intended to convey a role as a spokesperson, liaison or public relations representative for BMC Software, Inc. From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Shellman, David Sent: Wednesday, September 02, 2009 12:00 PM To: [email protected] Subject: Question concerning Application-Invalidate-User ** We recently upgraded our app server from 7.0.1 to 7.1 (Windows server connected to Oracle). After the upgrade I have been looking at the new filters associated with password management with 7.1. I noted a filter called User:DisableUserAccount. The Run If is fairly straight forward with ($USER$ = "AR_ESCALATOR" ) AND ( 'Status' = "Disabled") AND ( 'Account Disabled Date' != $NULL$ ) AND ( 'Account Disabled Date' > 'Last Password Change For Policy') The Run Process executes Application-Invalidate-User $Login Name$. I can not find any reference to Application-Invalidate-User in the 7.1 or 7.5 documentation. If anyone could point me to documentation concerning Application-Invalidate-User it would be greatly appreciated. Dave Dave Shellman Phone: (717) 810-3687 Fax: (717) 810-2124 email: [email protected] Tyco Electronics MS 161-043 PO Box 3608 Harrisburg, PA 17105-3607 _Platinum Sponsor: [email protected] ARSlist: "Where the Answers Are"_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor:[email protected] ARSlist: "Where the Answers Are"
