
Question

Cannot remove a user from Laserfiche Directory Server using rules which are monitoring the specific group

asked on August 7, 2023

Hi,

In Directory Server I am using identity provider rules to monitor a specific group from AD. In this case, when a new user is added to that group, it syncs with the Laserfiche Directory Server and a user account is created, but when a user is removed from the group, it is not reflected in Laserfiche Directory Server. I have also enabled the setting "Remove users deleted from Active Directory" in General; it works when a user is completely deleted from AD.

Is there any setting that needs to be enabled?

Thanks,

Vharsha.I


Replies

replied on August 8, 2023

When a user has been removed from the AD Group, the user should still be in LFDS, but should no longer be licensed. Can you verify that the removed users are having their license removed in LFDS?

 

replied on August 8, 2023

The user sync does not delete users from Directory Server unless they are deleted in Active Directory: the AD sync is intended for licensing purposes.

If you have Windows domain accounts as named users, you can take advantage of Active Directory group synchronization in Directory Server to automatically assign or remove user licenses based on group membership.

https://doc.laserfiche.com/laserfiche.documentation/11/administration/en-us/Subsystems/LFDS/LFDS.htm#EnableActiveDirectorySyncForIdentityProviders.htm

If the user is removed from the relevant Active Directory group, their license will be unassigned, but the user will not be deleted from Directory Server.

Since this has been a point of confusion, we are planning on updating the documentation to clarify.
