Ruben Posted February 19 Posted February 19 Hi, As of today we have nearly 8000 basic users in our Hornbill instance. We have around 3-4000 active employees today. We're continuously importing users from AD, but we don't have a routine on archiving these users when they quit. This means that we have 4-5000 users who don't work here but have active users in Hornbill. From a security standpoint, this is a non-issue as they have logged in through ADFS, where they don't have a user anymore. However, this is very messy for us, and we would like a good way to archive these users in bulk. I know there is a "select all" checkbox in the users list, but this only does like 20 or so users, which makes the archiving process super tedious and not worth. Is there a better way of doing this?
Adrian Simpkins Posted February 19 Posted February 19 Hi Ruben We run 2 interfaces on our instance from our AD - one for active and one for disabled. But this depends on how you manage your AD data - we move our disabled AD accounts into a Disabled folder in the AD and run the interface against that folder to disable the accounts in Hornbill. If your disabled AD accounts are structured in a similar way you could setup a second interface. Image below shows our 2 interfaces. I am not aware of a way you could do this outside of using this method though other than manually doing it, and that of course is a large task on 8000 accounts ! Many thanks Adrian
James Ainsworth Posted February 19 Posted February 19 2 hours ago, Adrian Simpkins said: We run 2 interfaces on our instance from our AD Hi @Adrian Simpkins Thanks for your feedback. Can I ask, when you say interfaces are you referring to AD imports? 1
Adrian Simpkins Posted February 19 Posted February 19 Hi James yes AD imports rather than interfaces, think my brain was not firing when typing 1
will.good Posted February 19 Posted February 19 We've had to do the same lately and have used Platform API Reference - / admin / userSetAccountStatus We created a powershell script and used a CSV file of the users that we needed to archive 1
Berto2002 Posted February 19 Posted February 19 Historically our user import was a bit slap-dash and included everything in AD but now we exclude non-users like mailboxes and system accounts. We also had no process for leavers but that is now in place so it's time for a clean-up. We need to get from 3200 to nearer 1800. @will.good thanks that's the direction I think we'll go with our bulk archive. For Leavers, we don't use the disabled OU approach Adrian has because we found it archived people before we'd properly handled all the assets and sometimes we still needed the workflow to escalate to line managers if laptops are not returned etc. Instead we have workflow nodes at the end of the Leaver process that do the appropriate work. One of the nodes adds an update in the profile so we can see/report on why it was an archived account. For interest:
SamS Posted February 19 Posted February 19 Hi @Ruben, If you can run a report to get a list of all the user( ID)s in a .csv file, then you can use the user import utility ( https://github.com/hornbill/user-import-database ) to archive those users (look at this section of the configuration file): "Status": { "Action": "Update", "Value": "archived" }, https://docs.hornbill.com/data-imports-guide/users/database/configuration
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now