Well, if you disable the AD account, and force the shutdown, then they're not going to be able to log back in anyway, so no real need to disable the port. At worst, unplug from the patch panel...
Joe Heaton -----Original Message----- From: Christopher J. Bosak [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 27, 2008 8:52 AM To: NT System Admin Issues Subject: RE: Employee Terminations "#3: Why? Walk over to the PC and shut it off/re-image/whatever." Obviously, after they leave. It would be a little rude to go in there and just start working on their old computer while they are still packing up their old desk, hence why it's getting disabled remotely. I'd disable the account, and force a shutdown to the computer. If they turn it back on, it's not like they're logging back in to do anything anymore. - Chris -----Original Message----- From: Phil Brutsche [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 27, 2008 10:41 hrs To: NT System Admin Issues Subject: Re: Employee Terminations A lot of that is specific to your organization. #1 should be "disable all of user's accounts" #2 is irrelevant if you do #1. Any disabled account cannot be logged into, regardless of whether the attacker knows the password. Same goes for #4 & #6. If everything uses AD for authentication it can be done in one fell swoop. #3: Why? Walk over to the PC and shut it off/re-image/whatever. Erickson, David wrote: > On our checklist we have: > > 1. disable user's AD acct > 2. reset user's password > 3. disable network port. > a. We now have Cisco IP phones that sit in-line between the > computer and the network jack. If I disable the port, they would not > be able to use their phone. What do you do? Log them off their > computers instead? > 4. Remove VPN access > 5. Transfer phone to Front Desk Recption > 6. Shut down email access -- Phil Brutsche [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
