Forum Discussion

Ted McLaughlin's avatar
Ted McLaughlin
Brass Contributor
Mar 07, 2018

Users who have left the company....

I know in ODFB that we have the ability to automatically give access to a departed employee's OD account to their manager, but that only appears to kick in when a user has been removed from AD altogether.

 

For a variety of reasons our company is no longer deleting users from AD after they have left the company.  Their account is simply locked and and put in a special OU and it can be months before the account is completely removed.

 

We now have a manager who had an employee leave the company, and he needs access to that user's OD, but he can't wait for months till that ex-employee's AD account is deleted.  I need to know  how to get him access to that data.   

 

Is that possible to do?  This is the first instance of this since the policy went into effect of not removing ex-employee's AD accounts, and I'm quite sure I'm going to get more of these.  Hopefully MS has handled this better than they did Sharepoint Mysite issues like this.  That was one of the reasons we never really implemented Mysites.

 

Thanks in advance for any suggestions.

 

Ted

    • Sherman Woo's avatar
      Sherman Woo
      Iron Contributor

      Thanks! Useful script to have in the admin tool-bag.

       

      Last place I was with, they decided to have an IT account in everyone's OD as site collection administrator. I think that's a brutal way to get people to trust the system, if there is potential that their files will be monitored. This is a much better option, if manager has not been configured.

      • Deleted's avatar
        Deleted
        Well, they technically use that same script to provide it to all the sites, but yeah it's not the best idea. For one, I don't want all those files showing up in my files list and searches as an admin :) and everywhere else.

        But also, as an admin, they make it easy for you to use the admin page, users, search, and then in the onedrive section add yourself quickly to a site via GUI and access it all right there. You just got to remember to remove yourself from site collection admin when done :).

Resources