PeopleSoft User Security
When performing a PeopleSoft security audit, reconciling users should be one of the first tasks. This includes default accounts created through the installation of PeopleSoft as well as user accounts associated with staff, vendors and customers.
The following are several of the topics that Integrigy investigates during our PeopleSoft security configuration assessments - take a look today at your settings:
- Default accounts - PeopleSoft default application user accounts with superuser privileges where possible should be removed or have their password changed. Carefully consult your documentation but this is a key task.
|
Default Oracle PeopleSoft Users |
||
|
BELHR |
JCADMIN1 |
PSJPN |
|
CAN |
NLDHR |
PSPOR |
|
CFR |
PS |
TIME |
|
CNHR |
PSCFR |
UKHR |
|
ESP |
PSDUT |
UKNI |
|
FRA |
PSESP |
USA |
|
FRHR |
PSFRA |
HSHR |
|
GER |
PSGER |
WEBGUEST |
|
GRHR |
PSINE |
WEBMODEL |
- Stale users – users that have not logged on in months or years should be identified and removed. Use the following SQL to locate stale users:
SELECT * FROM SYSADM.PSPTLOGINAUDIT;
To manage accounts, the following navigation can assist. As it cannot be mentioned enough, BEFORE you disable or delete any user TEST in non-production first.
User management:
- Select PeopleTools, Security, User Profiles, User Profiles
- Select user to disable or delete
- If disabling, check Account Locked Out check box
If you have questions, please contact us at info@integrigy.com
Michael A. Miller, CISSP-ISSMP, CCSP