Versions Compared

Old Version 26

changes.mady.by.user August Heltne

Saved on

compared with

New Version Current

changes.mady.by.user August Heltne

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Configure user cleanup to optimize your license usage, by either deactivating the user, or by removing the user from the licensing group. Typically the group jira-software-users grants access to jira software licenses. You can configure the requirement of user activity in the cleanup, as in the last time they logged in.

Configure User Cleanup

...

Settings

  1. Select Common, Inactive User Cleanup in the KSSO menu to open Go to user cleanup through either Kantega SSO → Common → Inactive user cleanup or Kantega SSO → User cleanup as shown in the picture above. This opens the user cleanup dialog .shown below:

    image-20240220-103401.pngImage Removedimage-20240423-132408.pngImage Added

  2. Choose whether you want to deactivate users or remove users from a licensing group.

    image-20240220-162515.png

    1. If you want to remove access to a local group you can also select which group to clean:

      image-20240423-134412.pngImage Added

  3. Configure the requirement of user activity in the cleanup, as in the amount of days since the last time they logged in.
    In the above example below, we have chosen 3 days. You may also check last logged in for several days, weeks or months based on the suitable use case in your organization.

    image-20240220-104305.pngImage Removed

    days, but you can easily configure it to clean both more or less frequently depending on your requirements.

    image-20240423-133904.pngImage Added

  4. If you choose to Remove access to local group then users will be removed from the given group. If the user is included in other groups they will not be touchedThe user cleanup only affects group membership related to the chosen group, and will not remove any other group memberships. This means if the group to be removed from is 0not not the licensing group the user will still be active.

    While cleaning up users, you also want to make sure that certain users are not cleaned, even if they haven't logged in for a while. Admin accounts should not be cleaned for example, because then you might lose system access. Exceptions can be configured based on group memberships or user directories.

    image-20240220-115155.png

  5. To verify which users will be affected by your setup, you may run an analysis. You will then get a prognosis of the cleanup. In this prognosis you may pick users manually and remove from group/disbled disabled by using the respective Action button.

    image-20240220-151600.png

  6. Click Run user cleanup to perform the configured cleanup. You will be prompted to confirm the run before the job starts.

    image-20240220-150115.png

  7. After the job is finished, cleanup results are found in the log . A log file will also be created in the kerberos folder; <atlassian_home_folder>/kerberos/userCleanupLogs.

    image-20240220-150206.png

...

Avoid all manual hassle by configuring a schedule that automatically handles all the user cleanup . The schedule comes with a wide range of time intervals you can fit to your specific needs.

...

Analyse job result

Before activating the cleanup schedule, you may run an analysis to verify that your schedule gives the expected result, and that it won’t affect unintended users. For example, if users are away during holidays, one week’s cleanup interval might be too short.

...

Activate Cleanup schedule

...

The 5 latest user cleanups are shown in teh the log screen.

A log file will also be located in the kerberos folder; <atlassian_home_folder>/kerberos/userCleanupLogs.

...