Michael Ellis - Project Manager from Boise State University. Leading the implementation for Duo at the University. Had a specific scenario and wanted to know if anyone else has encounter this and if so what actions their organization took to mitigate the issue.
Scenario : is a user leaves working at the University and stays on as a student. Due to Duo rules within the software unless manual intervention occurred the user in this scenario would not not have access for 7 days or until someone with the proper access deletes the trash (whichever is sooner).
Potential Process when an employee or student employee is off-boarding and is remaining as a student:
- Off boarding Department personnel needs to notify IT Accounts of the user leaving
- IT Accounts needs remove from the Active Directory group
- IT Accounts needs to notify Duo Admin User
- Duo Admin User pushes a manual sync to update to
- Duo Admin User needs deletes the user from the ‘trash bin’