1 of 1 people found this helpful
There are a couple of blasadmin settings needed to make the auto disable stuff work.
First you must enable the task that disables accounts:
set accountconfig UserAccountInactiveDisabling true
And then set the number of days after which the account is disabled:
set accountconfig UserAccountInactiveTime #
AFAIK the last login time is based on the user's LAST_ACTIVE_DATE property. And I don't think it matters if it's SRP or LDAP/AD. For example, if an account has both SRP and AD auth enabled, the LAST_ACTIVE_DATE gets updated based on the most recent login no matter what type of authentication.
one note - the LAST_ACTIVE_DATE is based on the login to bsa, not the login to a 3rd party authentication like ad/ldap...
the bsa user accounts that I have are ad/ldap, but I do see the LAST_ACTIVE_DATE are updated when they login