User expiration

Hello,

Thank you for your request. I'm taking note of your request. Having a way to add an expiration on a user could be useful, I agree.

Meanwhile, we have a feature calls "Conditional access policies". That feature allow you to define some rules to let users access or not to the system. That feature is available here :



With that, you can configure rules based on different things: user tags, time, user groups, IPs, ... Here is an example of rule based on user tags




Based on policies created, the system will let your user access the system or will block the access. Let us know if it is something that could help you.

Best regards,

Hi and thanks for your answer,
It's not fitting our needs unfortunately...

Hello,

Thank you for your answer. Could you elaborate more why it doesn't fit your needs ? Of course, being able to set an expiration directly on a user would be easier, but is it because it is too hard to configure or it doesn't fit your need at all ? Don't hesitate to elaborate more on that, it will help us to be sure to fit your needs once we work on something.

Best regards,

Hi François,
It's more because it doesn't fit my needs at all.
Perhaps I missed something but I can't use rules to block access to someone after X days automatically.

And we need also to be able to delegate this right because we wan't to keep administrative rights to a fewest people as possible.
Actually we delegate users and licensing rights to our level 2 team so they can activate/deactivate users account without having the key of the whole kingdom.

Best regards

Hello,

Oh, you are right. We can't specify a date. The time rule allow you to specify days/hours, but not a specific date. Now I understand your point. Thank you for your reply. And I also understand your point about the rights, I understand that, we don't want to give administrative rights to many people of course. I keep that in mind and will se what could be done to improve that.

Best regards,

Hello,
Is there any news on this request please?

I noticed I didn't explain the main point of my request... We have to give access to external providers to our infrastructure from time to time.
We would like to activate their account and set an expiration/disable date so our support doesn't have to do it manually at the due date.
It could reduce their worktime for this and improve the security by reducing the risks of mistake.

Hello,

Unfortunately, it is not planned yet. I can't promise, but I will check if it would be possible to accommodate that request in our next major release since it should not be too difficult. Do you need only an expiration date when the user would be disabled, or would you like an interval during which the user would be enabled?

Best regards,

Hi François,
Both options could work for us but being able to set an interval would probably suit more Devolutions customers.
If you go that route I suggest the start date stay an option because you don't always need to configure it.

But from our need perspective, we prefer the fastest you could implement.

Best regards

Hello,

Thank you for your answer. It is clear. I will see what is possible and post back here once we have an update.

Best regards,