Steve Giller Posted February 23, 2018 Posted February 23, 2018 Is this straightforward to achieve? We're currently using the LDAP import to activate/update Users overnight, but that means that staff leavers remain on the system. Is there a way of picking up the Disabled flag on an account and setting that user to Archived, or failing that, a simple way to archive all Users prior to running the import, which can be set to activate them?
Dan Munns Posted February 23, 2018 Posted February 23, 2018 @DeadMeatGF Here is our archive LDAP tool .json (renamed .txt) We run the import first then the archive. This has obviously been sanitised so you just need to populate the fields marked with <INSTANCE> etc. It is basically the same as our (old, we have made more than a few changes since) import with a couple of changes to what status the account is set to. archive.txt
Steve Giller Posted February 23, 2018 Author Posted February 23, 2018 Thanks @Dan Munns I realised that as part of decommissioning the account we move them to a particular OU, so I can actually scan that after the import and archive anyone in it - but if the upcoming changes to the process go the way they're planned I'll need to use your version instead.
Dan Munns Posted February 23, 2018 Posted February 23, 2018 Yeah we used to stick disabled users in our 'Z Cleanup' OU but once they went there they seemed to be forgotten and left forever more. Now we disable them in place for 30 days and delete. Also means than anyone we disable who needs to be re enabled for any reason stays in the OU they belong rather than us trying to remember where they are supposed to be. The LDAP tool makes life easy anyway
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now