Introduction
When users are deleted from an external LDAP identity sources, the user deletion may result in licenses being allocated to users that cannot be accessed in the management console.
The purpose of this task is to remove users that have been removed in this manner (which in turn frees up any licenses consumed by any users found and cleared).
The task can be found by navigating to "Administration | Tasks", then scrolling down to the task "Clear deleted LDAP users";
Task Parameters
This task does not use any task parameters.
Editing and Scheduling the Task
Viewing and Editing Tasks
The task can be edited by left clicking on the context menu of the task and selecting "Edit";
A new window will now open titled "Task - Edit";
|
Enter the name to be assigned to the task within the management console. |
|
Enter a description of what the task will do. |
|
The version number of the task. |
|
This field is used to specify when the task is scheduled to execute. |
|
This field will determine if the task schedule is enabled (if enabled the task will execute at the scheduled time). |
|
Specifies how many times the task should be repeated after the task is executed. |
|
import com.deepnet.das.user.LdapUser
import com.deepnet.das.history.History
import com.deepnet.das.util.ConfigLoader def createDIRAndFile() {
def exportFolder = ConfigLoader.getProperty('dual/export/directory')
def sep = System.getProperty('file.separator')
if(!exportFolder){
def catalinaBase = System.properties.getProperty('catalina.base')
exportFolder = catalinaBase.substring(0, catalinaBase.lastIndexOf(sep)) + sep + 'export'
}
def dir = new File(exportFolder)
if(!dir.exists()){
dir.mkdir()
}
return new File(exportFolder + sep + "Disabled-LDAP-Users-" + new Date().format( 'YYYYMMdd-HHmmss' ).toString() + ".csv")
} def us = [] def criteria = LdapUser.createCriteria()
def count = 0
def found = 0 def csv = createDIRAndFile()
csv << "userID,dn,loginName,firstName,lastName\r\n" def scrollable = criteria.scroll{
ne 'status', 'DISABLED'
} while(scrollable.next()){
def user = scrollable.get(0)
if(!user.completeLdapAttributes()){
us << user
found++
} count++ onProgress(count, "Checking users: " + found + "/" + count)
} count = 0 us.each{ user -> user.status = 'DISABLED'
user.save() count++ csv << user.userID << ","
csv << '"' << user.dn << '",'
csv << '"' <<user.loginName << '",'
csv << '"' << user.firstName << '",'
csv << '"' << user.lastName << '"\r\n' onProgress(count, "Disabling users: " + count + "/" + us.size())
} setEndMessage(us.size() + " users disabled") |
|
|
Scheduling the Task
Select the "Enable Schedule" checkbox to ensure the task schedule is activated, then use the pencil icon ("
") to specify the time and frequency settings for automated task execution.
Manual Task Execution
The task can be run manually from the management console by left click on the context menu of the task, then selecting "Run";
A new window will open titled "Run Task" will then open (the window will be populated with the default task property values);
Provide a brief description that will be used to describe the purpose of the task in the audit log.
|
|
|
|
To execute the task click the 
button.
Example
When a user that is consuming a license has been deleted from the external directory, their details will show in the report "User use licenses", but their details in the report columns "Login Name", "First Name" and "Last Name" will be blank, and listed at the top of the report.
As can be seen from this report the user is still consuming a license and it is the purpose of this task to free the license up.
Now we run the task "Clear LDAP Users" then rerun the "Users use licenses" report we will discover that the entry with blank details is no longer present (and the associated license is no longer consumed);
