Inactive Computer Policy

 

Inactive Computer Policy

Overview: To maintain the security and efficiency of the UND network, UIT will regularly monitor and run reports for inactive computer accounts in Active Directory. Based on these reports, the following actions will be taken (starting Fall semester 2025):

  • 120-Day Inactive Computers:
    • Computers that have been inactive for 120 days will be disabled in Active Directory.
    • Users will encounter an error message such as: “The trust relationship between this workstation and the primary domain has been broken.”
    • To rejoin the computer to the domain, please contact UIT. Rejoining efforts may be limited and will require assistance from UIT support staff.
  • 180-Day Inactive Computer Objects:
    • Computer objects that have been inactive for 180 days will be deleted from Active Directory.
    • Computers that have been inactive for 180 days and have had their computer objects deleted cannot be rejoined to the domain. Please see UIT for assistance in data retrieval if needed. The computer will need to be reimaged to continue to use it on the domain.

UIT makes no guarantee that the device will be accessible after 180 days of inactivity. If there are any concerns about data loss on machines that are not frequently used, please reach out to UIT prior to April 14, 2025.

Frequently Asked Questions

Why is UIT disabling and/or deleting computer accounts after 120 days?

Inactive or stale computer accounts pose a security risk by creating possible entry points for attackers to access UND’s network. Disabling and deleting these accounts minimizes that risk. In addition, a build up of inactive objects can degrade Active Directory performance, making regular cleanup necessary to maintain optimal system functionality.

I am a faculty member and regularly leave for the summer. What can I do to prevent my computer from being disabled or deleted?

UIT has extended the time required before disabling inactive objects to 120 days. This should provide extra time for Faculty who are off contract for the summer to ensure they can still access their devices when they return.

For Faculty, UIT still recommends that you log into your assigned computers prior to leaving for the summer and immediately upon returning to ensure your computers do not go stale.

If you work remotely, you do need to utilize GlobalProtect VPN so it checks in with our servers. Please see the following KB article for instructions on how to log into the VPN: Log In to the GlobalProtect VPN

What if I need assistance rejoining a computer to the domain?

If your computer has been disabled due to inactivity, contact UIT for assistance with rejoining the computer to the domain. If it is past the 180-day mark, the computer will be required to be re-imaged.

If you are receiving an error message that “the trust relationship between this workstation and the primary domain failed” or believe your computer was disabled due to inactivity, please submit a ticket to UIT here: Report a Computer or Device Issue

How do I know if my computer is at risk of being disabled or deleted?

By logging into your computer regularly, it will ensure it remains active on the UND domain.

If you work off campus, it is important that you regularly log into GlobalProtect VPN so your computer’s status is updated with UND’s servers. (see KB article – Log In to the GlobalProtect VPN)

I have a second computer that I haven’t used in a while, and it contains important data. Will I still be able to access the data, or can UIT assist with retrieving it?

Before contacting UIT, first attempt to log into the computer. If you are unable to access the device, then you will need to submit a ticket to UIT for assistance.

Please submit a ticket to UIT here: Report a Computer or Device Issue.

Please be aware that there is no guarantee that the recovery keys we currently have are valid. Recovery keys are access codes used by UIT to either unlock encrypted hard drives or gain access to locked computers in order to recover data or access the local administrator account.

If you have concerns about data on an old device, we encourage you to contact UIT before April 14, 2025, to ensure proper data recovery options are available.

What should I do before April 14, 2025?

If you have an inactive device that you are unable to recover data from, please contact UIT Tech Support before April 14, 2025. We will check the keys we have on file and assist with data recovery if possible.

I'm a little confused on the timeline. The email that was sent out specified that all devices that have been inactive for 1 year or longer would be deleted, but I see mention of computers being disabled after 120 days and then deleted after 180 days. I also see mention of a March 14th date and an April 14th date. Can you clarify these statements and dates further?

  1. UIT will initially target stale/inactive computer objects of 1 year or older on March 14th, 2025 and April 14th, 2025
  2. On March 14th, stale computer objects (1 year or older) will be disabled. If need be, UIT can recover these computer records and attempt to make them active again.
  3. On April 14th, stale computer objects (1 year or older) will be deleted. If a computer object is deleted then UIT will not be able to recover the computer object. 
  4. UIT will begin enforcing the 120 day and 180 day inactive object policy starting Fall semester 2025. 

I have other questions or concerns on this policy that is not listed. Who can I get in touch with?

Please contact UIT at one of the following methods listed below. We will get your question(s) routed to the correct department. 

Phone: 701.777.2222
Chat: Chat with Us
Submit a ticket: Report a Computer or Device Issue

 

Was this helpful?
0 reviews
Print Article