One of the least glamorous, but most important, aspects of access control is troubleshooting.
Least glamorous because it’s almost always done behind the scenes, can involve time-consuming and often tedious detective work, and rarely gets the reward it deserves. Most important because access problems typically reveal themselves in support requests that seem innocuous, but can sometimes reveal problems impacting lots of users, such as a proxy configuration gone awry, an incorrect IP address, or incomplete SAML configuration.
A key ingredient in troubleshooting is hunting down accounts that may be impacted. But many subscription systems aren’t designed with access control in mind. It’s easy to find accounts based on their name, and sometimes based on other metadata, but try finding all accounts that rely on a particular IP address or accounts using SAML?
With this in mind, LibLynx recently released a major upgrade to our account search to give support staff much more flexible ways to find accounts based on their access configuration. Specifically, to answer questions like:
- which account (or accounts!) are using this IP address?
- find accounts enabled with a specific authentication method, such as SAML or referrer URL
- which accounts have registered this email address?
- show me all consortium accounts
- show me individual vs organizational accounts
- find accounts with an active trial, or subscription
- which accounts expired in the last 7 days, or will expire in the next 4 weeks?
- find all accounts tagged with e.g. ‘VIP’, ‘renewal’ or ‘upgrade’
And all this logic can be reversed (isn’t, rather than is) and stacked to build really complex search requests.
Not exciting stuff, unless you’re one of the people tasked with figuring out why a user suddenly no longer has access … in which case, you’re welcome 🙂.
Photo by lkka Jukarainen is licensed under CC BY-ND 2.0