Forum Discussion
Security Issue
We had an employee that we set their account to expire on November 30th. Today, we find that they were still able to access their email via their personal Windows phone. I did an Audit Log search and...
In Active Directory you can set an account to expire on a specified date and time.
Right. And what are you using for authentication? Last time I toyed with this, only federated accounts had their tokens revoked upon account expiration/disable. But as I mentioned, you can also manually revoke tokens now, either via the O365 admin portal or via Revoke-AzureADUserAllRefreshToken.
We use Okta.
Ok, we'll add those steps to our off boarding process.
Thanks!