hardis:org:diagnose:unusedusers
Description
Efficient user management is vital in Salesforce to ensure resources are optimized and costs are controlled. However, inactive or unused user accounts can often go unnoticed, leading to wasted licenses and potential security risks. This tool addresses this challenge by enabling administrators to identify users who haven't logged in within a specified period.
By analyzing user login activity and last login timestamps, this feature highlights inactive user accounts, allowing administrators to take appropriate action. Whether it's deactivating dormant accounts, freeing up licenses, or ensuring compliance with security policies, this functionality empowers administrators to maintain a lean and secure Salesforce environment.
licensetypes values are the following:
- all-crm: SFDC,AUL,AUL1,AULL_IGHT
- all-paying: SFDC,AUL,AUL1,AULL_IGHT,PID_Customer_Community,PID_Customer_Community_Login,PID_Partner_Community,PID_Partner_Community_Login
Note: You can see the full list of available license identifiers in Salesforce Documentation
Use --returnactiveusers to revert the command and retrieve active users that has logged in during the period.
This command is part of sfdx-hardis Monitoring and can output Grafana, Slack and MsTeams Notifications.
Parameters
| Name | Type | Description | Default | Required | Options |
|---|---|---|---|---|---|
| days -t |
option | Extracts the users that have been inactive for the amount of days specified. In CI, default is 180 days | |||
| debug -d |
boolean | Activate debug mode (more logs) | |||
| flags-dir | option | undefined | |||
| json | boolean | Format output as json. | |||
| licenseidentifiers -i |
option | Comma-separated list of license identifiers, in case licensetypes is not used.. Identifiers available at https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_userlicense.htm | |||
| licensetypes -l |
option | Type of licenses to check. If set, do not use licenseidentifiers option. In CI, default is all-crm | all all-crm all-paying |
||
| outputfile -f |
option | Force the path and name of output report file. Must end with .csv | |||
| returnactiveusers | boolean | Inverts the command by returning the active users | |||
| skipauth | boolean | Skip authentication check when a default username is required | |||
| target-org -o |
option | undefined | |||
| websocket | option | Websocket host:port for VsCode SFDX Hardis UI integration |
Examples
$ sf hardis:org:diagnose:unusedusers
$ sf hardis:org:diagnose:unusedusers --days 365
$ sf hardis:org:diagnose:unusedusers --days 60 --licensetypes all-crm
$ sf hardis:org:diagnose:unusedusers --days 60 --licenseidentifiers SFDC,AUL,AUL1
$ sf hardis:org:diagnose:unusedusers --days 60 --licensetypes all-crm --returnactiveusers