by Matthew McBride, SharePoint Solutions
One problem that SharePoint Server Administrators regularly encounter is this:
How can I know when an extranet user from a partner company leaves the company, and how can I avoid accumulating inactive accounts for users that no longer exist that are just “sitting out there?”
Unfortunately, it is nearly impossible to keep up with the “comings and goings” of extranet users who are employees of partner companies.
But Extranet Collaboration Manager 2010 (ExCM) contains within it the capability of helping our clients with specific extranet user security needs like this. The ExCM User Automation (UA) feature can be used to apply recurring policies to accounts residing in the ExCM user database. These policies are applied by a SharePoint Timer Job, which periodically inspects each account. UA can be used to expire user accounts based on attributes such as periods of inactivity or failure to update their password within a specified period, solving the problem of user account “housekeeping.”
(Click the images to make them larger.)
Schedule – frequency the job will be executed
"hourly between 0 and 59"
"daily at 15:00:00"
"weekly between Fri 22:00:00”
"monthly at 15 15:00:00"
"yearly at Jan 1 15:00:00"
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\OWSTimer.exe.config
<add name="ExtranetDirectory" connectionString="Data Source=[servername];Initial Catalog=ExtranetDirectory;Integrated Security=SSPI"/>
<add name="Ext" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=18.104.22.168, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"connectionStringName="ExtranetDirectory" enablePasswordRetrieval="false" passwordFormat="Hashed" applicationName="/" requiresUniqueEmail="true"enablePasswordReset="true" requiresQuestionAndAnswer="true" maxInvalidPasswordAttempts="10" passwordAttemptWindow="10" minRequiredPasswordLength="6"minRequiredNonalphanumericCharacters="0" passwordStrengthRegularExpression=""/>
<roleManager defaultProvider="ExtRole" enabled="true" cacheRolesInCookie="false">
<add name="ExtRole" connectionStringName="ExtranetDirectory" applicationName="/" type="System.Web.Security.SqlRoleProvider, System.Web, Version=22.214.171.124, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
- From Central Administration’s Home page, click Monitoring
- On the Monitoring page, under the Timer Job section, click Check job status
- From the Timer Job Status page, in the view filter, click Service
- In the Service filter, click Change Service
- From the Select Service dialog, click Extranet Service