Views:

You can take remediation measures on user accounts that may pose a security risk to your network environment on the Trend Vision One console.

Procedure

  1. Locate the user account that you want to take action on using the Zero Trust Secure Access or Operations Dashboard app.
    • Zero Trust Secure Access: Go to the User Information screen by clicking on a user anywhere within the Zero Trust Secure Access app.
    • Operations Dashboard: Go to the User Profile screen.
  2. Click the options icon (options_icon=1b2aff71-0b33-4aa1-b8aa-6105438834e7.jpg) and Force Password Reset.
    The Force Password Reset Task screen appears.
  3. (Optional) Specify a description for the task.
  4. Click Create.
    Trend Vision One creates the task and displays the current action status on the Secure Access History screen.
  5. (Optional) Grant required permissions on the IAM system that manages the user account.
    Note
    Note
    This step is required only when the policy enforcement permission is not granted and the task fails due to insufficient permissions. For more information, see Supported IAM systems and required permissions.
    1. Go to Zero Trust Secure AccessSecure Access RulesIAM System Settings.
    2. On the IAM System Settings screen that appears, grant the policy enforcement permission on the desired IAM system to authorize Trend Vision One to access user data and enforce user access actions on your IAM system.
    3. Locate the user account and take the action again.
      Trend Vision One creates the task and displays the current action status on the Secure Access History screen.
  6. (Optional) Assign the password administrator role to Trend Vision One.
    Note
    Note
    This step is required only for Microsoft Entra ID and when Trend Vision One does not have the Password administrator role.
    1. Sign in to the Microsoft Azure portal and assign the password administrator role to Trend Vision One.
    2. Go back to the Trend Vision One console, locate the user account and take the action again.
      Trend Vision One creates the task and displays the current action status on the Secure Access History screen.
  7. Monitor the task status.
    1. Click View task status in the success message that pops up in the lower right corner.
      The Remediation Logs tab on the Secure Access History screen appears.
      You can also go directly to Secure Access HistoryRemediation Logs, and locate the task using the search field.
    2. View the task status under Action status.
      • In progress... (inProgress=763d5319-3680-4b10-abca-a75782d8eb48.png): Trend Vision One sent the command to the enforcement point and is waiting for a response
      • Successful (successful=d385863c-ae1f-4a76-8500-6d60d7a2de8f.png): The enforcement point successfully received and executed the command
      • Unsuccessful (unsuccessful=e4c3ece6-3776-45dc-b99a-67195d7d21e0.png): An error or time-out occurred when attempting to send the command to the enforcement point
      Note
      Note
      The task status indicates whether the enforcement point was able to successfully receive and execute the command. It may take a few minutes for the process to complete.