Enhancements to CAM to Support Life-cycle Management of Computer Accounts
by Yeung Man
Since our last article (Ref: Network Computing Issue 43 – March 2005) on the Computer Account Management (CAM) System, the system has evolved to serve more than just simple maintenance tasks. Now it manages not only the accounts for students and alumni, but also those for staff, applicants, ex-staff and external users. The addition of new accounts has complicated the task especially in serving users who have more than one role. For instance, in the event that a student is also a staff, his/her student accounts cannot be removed upon graduation as long as he/she remains as a staff. Although the accounts and passwords are kept, account privileges may have to be adjusted because the entitlement of account services might be different.
Apart from the type of users, the number of computer systems supported by CAM has been increasing over the years. Office 365, GApps, CAP and DMS are some of the new systems recently linked with CAM. The diagram below shows how CAM is linked with its related systems.
Besides creating accounts, CAM also manages the computer account life cycle. It sends notification to account owners when their accounts are due to expire. When the accounts expire, CAM will disable and then remove the accounts. To automate and speed up the staff account renewal process, a new online form has been made available on the Work Desk menu for account owners and Departmental Network Administrators (DNA) to submit their account renewal requests.
To help implement the new university-wide password policy, CAM also sends notifications to remind account owners to change their account passwords before they expire.
Furthermore, all account password reset is carried out in CAM only. After answering personal details and security question in Administrative Information Management System (AIMS), account owners will be re-directed to CAM to submit their requests of password reset.
CAM will advise users to use strong passwords i.e. at least 8 characters long containing at least a number and both lower and upper case characters, but avoiding passwords which consist of only their names, initials, EIDs or account names that might be easily guessed by hackers.
Listed above are only some of the new features added to CAM in the last few years. In order to better serve our community and to enforce the University requirements of IT services and policies, no doubt that CAM will be enhanced continuously.