With this risk we arbitrarily call it inactive when the LastLogonTimestamp is older than 6 months but the computer account is still enabled in Active Directory.
Can these accounts not be cleared up or disabled rather than creating exceptions?
As a potential fix, could we create informative rules for inactive obsolete client operating systems? I think these are still worth surfacing as risks in the reports, just with less or no score.
There is already an S-C-Inactive, but I overwrite the default behaviour in my reports to always indicate that a clean-up of inactive computers is required or to highlight that there might be a good process that other tasks could be performed as part of the same process.
While I agree with not counting disabled computers, I disagree with not counting inactive ones, as they could become active and risky at any moment.
Therefore, cleaning up is always an important task to avoid seeing the same risky objects in reports repeatedly.
A little bit off topic because it is a common problem:
In general, I have noticed that I often have to read through the source code, as it is unclear whether something is showing enabled or disabled, active or inactive, or whether it is a computer, user or account list (it could list trust accounts and more). Sometimes a better explanation is needed of whether the term ‘account’ refers only to users or also to other objects (Computer, DMSA, GMSA, trust, etc.).
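The definition quoted at the top of the thread (enabled in Active Directory, LastLogonTimestamp older than 6 months) and the enabled/disabled versus active/inactive distinction raised above, as an added example that is not part of the thread or of the project's code. The sample records, the 183-day reading of "6 months" and the separate "never-logged-on" bucket are assumptions.

```python
from datetime import datetime, timedelta, timezone

ACCOUNTDISABLE = 0x0002  # userAccountControl bit set on disabled accounts
WORKSTATION_TRUST_ACCOUNT = 0x1000  # userAccountControl bit for computer accounts
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
INACTIVE_AFTER = timedelta(days=183)  # assumption: "6 months" taken as 183 days


def filetime_to_datetime(filetime):
    """Convert an AD FILETIME (100 ns ticks since 1601-01-01 UTC) to a datetime."""
    return FILETIME_EPOCH + timedelta(microseconds=filetime // 10)


def to_filetime(moment):
    """Inverse conversion, used here only to build the constructed sample data."""
    return int((moment - FILETIME_EPOCH).total_seconds()) * 10_000_000


def classify(record, now):
    """Return (enabled|disabled, active|inactive|never-logged-on) for one account."""
    state = "disabled" if record["userAccountControl"] & ACCOUNTDISABLE else "enabled"
    stamp = record.get("lastLogonTimestamp") or 0
    if stamp == 0:
        # Assumption: accounts with no recorded logon are kept in their own bucket.
        activity = "never-logged-on"
    elif now - filetime_to_datetime(stamp) > INACTIVE_AFTER:
        activity = "inactive"
    else:
        activity = "active"
    return state, activity


def inactive_enabled(records, now):
    """Names of accounts matching the thread's definition: enabled but inactive."""
    return [r["sAMAccountName"] for r in records
            if classify(r, now) == ("enabled", "inactive")]


# Constructed sample data, not taken from any real directory.
NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)
SAMPLE = [
    {"sAMAccountName": "WS-OLD01$", "userAccountControl": WORKSTATION_TRUST_ACCOUNT,
     "lastLogonTimestamp": to_filetime(NOW - timedelta(days=400))},
    {"sAMAccountName": "WS-NEW02$", "userAccountControl": WORKSTATION_TRUST_ACCOUNT,
     "lastLogonTimestamp": to_filetime(NOW - timedelta(days=10))},
    {"sAMAccountName": "WS-OFF03$",
     "userAccountControl": WORKSTATION_TRUST_ACCOUNT | ACCOUNTDISABLE,
     "lastLogonTimestamp": to_filetime(NOW - timedelta(days=400))},
    {"sAMAccountName": "WS-NEW04$", "userAccountControl": WORKSTATION_TRUST_ACCOUNT},
]

if __name__ == "__main__":
    for rec in SAMPLE:
        print(rec["sAMAccountName"], *classify(rec, NOW))
```

Reporting both values per object, rather than a single "inactive" list, makes it explicit whether a disabled or never-used account was counted.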