Sync Portal users with Active Directory

tigerwoulds · ‎02-08-2021

We are running Enterprise 10.7. We are pointing the identity store to our Active Directory and adding users to portal based on AD enterprise groups. This is working but does not backwards sync, meaning if a user leaves our company, their account is not removed from Portal.

Any tips or advice on handling cases like this?

I'm thinking every month, I will need to somehow add any new active users and remove users no longer with the company. What would be the best way to do this? If we had an AD group with everyone in the company, I can import this group each month. Is there a way to batch remove users?

Thanks

Anonymous User · ‎02-08-2021

Hi @tigerwoulds

It is a manual process, the domain user will be inactive and disabled at AD level so, no requests are forwarded to Portal. The items created by that AD user is still available within Portal, so you need to manually delete or move them and then delete the user from Portal.

Housekeeping of such activities depends on the volume and frequency of the task. You can automate this process by writing a script too.

Regards,

Manoj

View solution in original post

Anonymous User · ‎02-08-2021

Hi @tigerwoulds

It is a manual process, the domain user will be inactive and disabled at AD level so, no requests are forwarded to Portal. The items created by that AD user is still available within Portal, so you need to manually delete or move them and then delete the user from Portal.

Housekeeping of such activities depends on the volume and frequency of the task. You can automate this process by writing a script too.

Regards,

Manoj

BillFox · ‎02-11-2021

https://enterprise.arcgis.com/en/portal/10.7/administer/windows/common-problems-and-solutions.htm

https://enterprise.arcgis.com/en/portal/10.7/administer/windows/common-problems-and-solutions.htm#an...