Disable End Users imported from LDAP

I’m in the same boat. I was told by technical support to build a seperate group and only put those individuals that need added to SysAid in the group. This will stop the imports of other users who are not needed in the database and stop it from automatically granting the first 120 users access and disabling the rest. I’m still trying to work that part out, and I’ll let you know if I get it functioning correctly.

I required technical support for assistance as it wasn’t that simple. I have over 12 years of data and the simple solution was erasing users and starting over - But there was no retaining prior user data in tickets. That presented a problem for me. At this point, the issue is fixed. However it did require some support as it was not as straightforward as it could be.

@dnudo So just to be clear before I try this, if you use the group method, you will lose your user data from those users? Even if the users are in the newly imported group? What was your solution?

I would also prefer to not lose the +10 years of user data if possible

@jsidoti - the bulk update doesn’t work, the users still show as active in sysaid.

Thanks for the help!

Hi all,

So happy to see the lively conversation here, will try to fill in some of the holes that arose: 

1. Disable user from List View can’t be applied to user generated from LDAP (and the likes) integration and can only be applied to local users

2. From actions perspective, if you: 

Delete user - it will delete user history as well 

Disable user - it will preserve activity history across tickets 

3. Regarding grouping in your active directory:

• Are the users you want disabled in SysAid already also disabled in the Active Directory? 

Then you can create a simple filter in SysAid following this guide (requires login): 

https://helpdesk.sysaid.com/FAQTree.jsp?id=1

Also make sure this check box is checked:

It will disable users that were generated in the past by the active directory and were not part of the latest import/sync. 

• Are the user you want disabled in SysAid still marked active in your Active directory? 

Then you will need to create an OU that will group all users you don't want imported to SysAid manually or based on filters in the Active Directory side.  In SysAid you will list all the OU you want to import allowing disregarding the OU you don’t and with the checkbox above it should disable the deprecated users as part of the regular sync. 

Let us know what you think!

Hi guys,
following the whole history here is about not losing 10 years of data and disabling users.

The LDAP configuration does not offer a function in SysAid to keep the data if you have to delete the users in SysAid from license rights. You can also create new groups in your LDAP that are not included in the SysAid LDAP configuration.

The situation is different for the administrators, here you will be asked where the allocation of the ticket stock should be made!

I have wished for this function for the user base for years.

Up until two years ago, we reconfigured and rebuilt all of our LDAP servers. For example, the user IDs of the employees have also changed. Since these changes, we have only had the option of renaming the old users with a special character, for example <User 1 ->, so as not to lose the inventory. This was necessary because the email addresses of the users remained the same

Since then we are waiting for a conversion function for users in SysAid :-)

cheers
Karlson

Hi @JSH,

If there are users that you don’t want to import to SysAid then in Active Directory they should all be part of a specific OU that is not part of the OUs that SysAid is importing from.

Furthermore, you can also enable the check box to disable users that were not imported from LDAP.

Or read more about this issue in the link below: https://documentation.sysaid.com/docs/en/ldap-form-general-tab?highlight=Disable%20SysAid%20users%20who%20were%20not%20imported%20from%20LDAP

Let us know if you still need help.