= Arbitration / Training = The Training Course for Case Managers and Arbitrators [[Arbitrations/Training|Training Home]] / [[Arbitrations/Training/Lesson20|back]] === Actions for a Support Engineer (for the ruling) Version 3 === If an account is to be killed ... walk through bottom-up * Server-Certs handling before Domain handling (server certs relates on domains, so deleting domains, makes existing server certs invisible) (if they'll becomes deleted is in question) * Email address is replaced by the extended arbitration case number before Questions-and-Answers page will be opened and user receives an annoying "Your secrets page has been visited, this is a potential attack ..." (or whatever) === Detailed Checklist === ==== In SE console mode ==== * set a new password (and forget it later) * (optional) Take a snapshot of the account information and print it to PDF including all account informations, certificate informations and so on, and send it to arbitrator (if requested by an arbitrator) ==== In User mode ==== * login to the account to hijack * If user has a language you cannot read, take as first step * My Details - Default Language * set to English and delete all Additional Language Preferences * revoke all certificates * Server Certificates - View * select "View all certificates" * revoke Server certificates, even expired * Domains - View * Delete Domains * GPG PGP Keys - View * revoke certificates <> * Client Certificates - View * select "View all certificates" * revoke Client certificates, even expired * Email Accounts - Add * add email address `cYYYYMMDD.x.y@cacert.org` (mind the correct spelling of the mail address) * where c = one char - default: a - can be another char ruled by arbitrator * YYYYMMDD is the arbitration case date and x the running number of the arbitration of that date * y is a unique increasing number starting at 1 * if multiple email addresses shall be deleted in one arbitration case, the first account to delete becomes 1, the 2nd -> 2, the 3rd -> 3 and so on * verify new email address sent by email to support inbox (the verification mail should be placed automatically in the Delete Account bucket) * relogin into user account (with old email address) * switch primary email address to `cYYYYMMDD.x.y@cacert.org` * select `cYYYYMMDD.x.y@cacert.org` and make default * delete all email addresses (except the primary email address) * Email - View * remove email address(es) (except new primary) * Select "delete checkbox" on (old) users email address, hit 'delete' * Walk through the My Details and Submenues * My Alert Settings * deselect all checkboxes * My Details - Location * set to: Denistone East, New South Wales, Australia (2256755) * My Details - My Listing * set to: I don't want to be listed * clear the text field if filled * My Details - Default Language * set to English and delete all Additional Language Preferences * My Details - Edit * fill the secret questions and answers with junk * Logout ==== In SE console mode ==== * System admin - Find user * search for `cYYYYMMDD.x.y@cacert.org` * fill Givenname, Middlename, Lastname and Suffix with the extended arbitration number cYYYYMMDD.x.y * set DoB to 1900-01-01 * reset '''all''' flags to '0', most important are those which assign special privileges like: * TTP Admin * Location Admin * Admin * Ad Admin * all assurances received / given are left untouched if any * As the last action lock the account * set 'Account Locking:' to 1 ==== In OTRS ==== * report the youngest date of the revoked certificates * (optional attach the PDF files if requested by the arbitrator) == Notes and Comments == ''Procedure was applied to [[Arbitrations/a20100531.1|a20100531.1]] and worked for most part. According to support the verification mail was not placed in the Delete Account bucket but in the Triage queue. IMHO this should be fixed but does not block usage of the procedure. BernhardFröhlich'' == Footnotes == <> ---- . CategoryArbitrationsTraining