Support Center

Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Best practices to manage old Active Directory (AD) accounts?

Anonymous Jul 01, 2014 01:21PM MDT

Do you have suggestions on best practices to manage AD accounts for graduated/transferred out students?

1 Answer

Best Answer
Matt Landsparger Jul 01, 2014 03:58PM MDT

There are 2 preferred methods to manage the old AD accounts using the Directory Manager:

1. Delete all accounts that were created by the SDM Agent and run a sync.

The SDM Agent was designed to populate accounts using the information it receives from your Student Information System (SIS). The easiest way to clean up old accounts in AD is to delete all of the accounts that will be recreated by the SDM Agent and run a sync.

This will pull over all of the current information from your SIS and recreate all of the accounts that have a current enrollment.

2. Disable all accounts that will be updated by the SDM Agent, run a sync, then move/delete all disabled account.

If deleting accounts is not desired, disabling all of the accounts that are maintained by the SDM agent will be the next step. When a sync is ran the SDM agent will enable all accounts in AD who have an active enrollment. All accounts that remained disabled did not have an active enrollment which means they either graduated, left the district, or there is an issue with New Year Rollover Settings. In the case of New Year Rollover Settings please refer to the SDM Rollover guide.‚Äč

This question has received the maximum number of answers.
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found