Disabling Accounts
OS
If you need to disable an OS user account, you can expire the account using usermod --expiredate 1
. For example, to disable the account for user tom
:
sudo usermod --expiredate 1 tom
For more information, please see passwd manual by typing man passwd
and the usermod manual by typing man usermod
.
SOC
If you need to disable an account in Security Onion Console (SOC), you can go to the Administration interface, expand the user account, and click the LOCK USER
button.
After disabling a user account, the Administration page will show the disabled user account with a disabled icon in the Status column:
For more information about the Users page, please see the Administration section.