This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Best practices-deleting Vibe users & associated workspaces

Does anyone have any best practices for deleting users and workspaces in Vibe? We have LDAP synchronization turned on but have not enabled the settings to delete users from Vibe once they are no longer in eDirectory, nor do we have the setting on to also "Delete Associated User Workspaces and Content". Both of these settings totally freak me out. On one hand, I am not in favor of bloating the system with tons of users who no longer exist or having all that extra content. However, knowing our users, if we auto-delete anything, we usually end up with frantic calls to our support desk.

Also, does anyone know what "Delete Associated User Workspaces and Content" actually means? Does it just delete the user's personal workspace or does it also delete all entries that account owns?

Thanks,
mandi

Mandi Witkovsky
Indiana University-Purdue University Fort Wayne
witkovsm@ipfw.edu
  • 0
    Hi Mandi,
    You are doing it the right way.
    (Novell also advices not to delete users automatically: see Novell Documentation)

    Some more hints and information from my side based on experiences in large environments (like e.g. universities):

    - "Delete Users That are not in LDAP" setting
    Never let users automatically being deleted when they are not found in LDAP!
    (The users that are found in LDAP just match an LDAP filter. Imagine you are changing the filter e.g. to add only certain users with LDAPattribute=value. Imagine there is a typo in that filter: All your users would be purged!)
    The way you are doing it now is correct.
    - With this setup you can e.g. use local accounts for testing purposes (ACLs, User Access Reports, ...) without having to create them in LDAP.
    - With this setup users that are not found in LDAP will just be disabled. Under Admin Console --> User Accounts you will see the disabled users and you can reenable them again (if the LDAP user is still there (=same ldapGUID)) or delete them manually if you really decide to have them deleted.

    - "Delete Associated User Workspaces and Content" setting
    Only the user workspace, it's folders, subfolders and content in the user's home workspace and folder hierarchy will be deleted.
    All other content, folders and workspaces in the system that belong to the user (creator/owner) won't be deleted.

    Deprovisioning in large environments and especially at universities is important. But deprovisioning of users and content depends on the usage of Vibe.
    Normally you might want to keep the content if Vibe is used for knowledge management.
    But in some use cases and environments there might be a reason to clean up your system periodically, e.g. a blended learning system at a university which is only used for short term practicing. (where you really don't want to keep the content and users of each term) In these cases it might be useful to automatically delete content and users. To use Vibe for multiple purposes you could use multiple zone to have separated LDAP, Role and Workspace setups.

    HTH
    Best Regards
    Erik
  • 0 in reply to 
    This is a very old subject but i have an issue.

    We do it all via ldap groups. We have a greyed out user on vibe.
    But now years later have a OES user that has the same username ABCEDF as the old ABCEDF user.

    They are greyed out on Vibe. I cannot delete them when logged in as Admin as it says they were provisioned from LDAP. We have over 500 users that if we told Vibe to delete all ex staff.... Including old IT Staff with documents that have them as the author and are still in use daily on Vibe.

    How the heck do we get rid of this ABCEDF account from vibe so that it will sync the new user. They aren't New just not needed vibe until now, and there is no way we are messing around by renaming their profile and setting up new profiles on their mac etc.. for them. I need a way of just deleting this ONE user from Vibe.

    We are running 4.0.1

    Thanks
  • 0 in reply to 

     

    Hi,

    You could try renaming it in the Vibe database:

    mysql -u root -p sitescape
    put in the password of your mysql root user
    UPDATE SS_Principals set name='abcde-old' where name='abcde' and type='user';
    \q

    Cheers,

  • 0 in reply to 
    Thanks. I’ve not tried it yet, but will tomorrow.

    Steph
  • 0 in reply to 

    Thank you Laura that worked perfectly.

    the older userx is now  olduserx and userx now has synced via the ldap group and can login.

     

    THANKS A MILLION

     

    Steph