
Automatically delete AD Portal User if they don't own content

02-16-2023 12:42 PM
ahargreaves_FW
Regular Contributor

Hello,

As outlined in this documentation I understand that it's not default behaviour to automatically delete a portal user if their corresponding AD account has been deleted. This is in case the portal user owns content etc.

However, if they don't, is there any way to automate this?

Nobody owns content in our portal except a single admin account so if there's a method to re-compare portal membership against AD and remove unneeded users that would save a huge amount of time. 

0 Kudos
5 Replies
DavidPike
MVP Frequent Contributor

What Portal are you on? Can't you just export a list of users and compare against your AD members?

If it's an older Portal I have a very simple script using the Python API to get users and last logins etc.

There's no inbuilt way for Portal to talk to or synch with your AD and auto-delete the previous members.

0 Kudos
ahargreaves_FW
Regular Contributor

10.9.1

Manually comparing exported lists seems time-consuming and antiquated. This seems like a pretty straightforward feature request. If you would like to share your Python script I'd be grateful.

Thanks

0 Kudos
StevenBell2
New Contributor III

We also do this through a Python script. It was the only way we found to manage it.

JeffSmith
Esri Contributor

I agree with what @DavidPike said.  There is no way to automatically remove users from Portal once they have been removed from A/D.  If you have a lot of users in Portal, using a Python script to return a list of users and their last login is helpful. 

I'll put in a plug for the next release of Portal.  In 11.1, a new Python script is included with Portal that will identify users that no longer exist in A/D or LDAP and give you a much easier way to delete them all at once.  A report is generated so you can review what was found before deleting them.  If any of those old users own any items, a separate list is generated so you can do a bulk transfer of all the items to a different user prior to deleting them.
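
The comparison discussed in this thread, sketched as an added example (not code from any poster and not the script shipped with Portal 11.1): it splits portal members that no longer exist in AD into those safe to delete and those whose items must be transferred first. The `PortalUser` fields, the `provider` values, the username formats and the sample data are assumptions made for illustration; the two input lists would come from your own portal and AD exports.

```python
# Added example: constructed data; not Esri's script and not code from the thread.
from dataclasses import dataclass

@dataclass
class PortalUser:
    username: str    # portal login, assumed to look like "jdoe@CORP"
    provider: str    # assumed: "enterprise" = AD/LDAP-backed, "arcgis" = built-in
    item_count: int  # number of items the account owns

def account_name(name: str) -> str:
    """Reduce DOMAIN\\user, user@DOMAIN or a bare name to a lowercase account name."""
    name = name.strip()
    if "\\" in name:
        name = name.split("\\", 1)[1]
    return name.split("@", 1)[0].lower()

def reconcile(portal_users, ad_accounts, protected=()):
    """Return (deletable, needs_transfer, skipped) lists of portal usernames."""
    ad = {account_name(a) for a in ad_accounts}
    if not ad:
        # An empty export usually means the directory query failed; treating it
        # as "everyone left" would flag every portal member for deletion.
        raise ValueError("AD account list is empty; refusing to reconcile")
    keep = {account_name(p) for p in protected}
    deletable, needs_transfer, skipped = [], [], []
    for user in portal_users:
        key = account_name(user.username)
        if user.provider != "enterprise" or key in keep:
            skipped.append(user.username)         # built-in or protected account
        elif key in ad:
            continue                              # still exists in AD
        elif user.item_count > 0:
            needs_transfer.append(user.username)  # reassign items before deleting
        else:
            deletable.append(user.username)
    return deletable, needs_transfer, skipped

# Constructed sample data for illustration only.
SAMPLE_PORTAL = [
    PortalUser("jdoe@CORP", "enterprise", 0),
    PortalUser("asmith@CORP", "enterprise", 3),
    PortalUser("bwong@CORP", "enterprise", 0),
    PortalUser("portaladmin", "arcgis", 12),
]
SAMPLE_AD = ["CORP\\JDoe", "svc_gis"]

if __name__ == "__main__":
    for label, names in zip(("delete", "transfer first", "skipped"),
                            reconcile(SAMPLE_PORTAL, SAMPLE_AD)):
        print(f"{label}: {names}")
```

Review the three lists before acting on them; the function only classifies accounts and deletes nothing.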