User leaves organization - what happens with all the files ?

Steel Contributor

I haven't found any tech article , therefore i just raise this question in here.

 

A user has uploaded files to onedrive. Some of them are shared...some are not.

So what happens, if the user object gets now deleted because the user left the company ?

I know, the onedrive space and its content will remain but the important question is, what happens with the content ? they are orphaned now because nobody (excepts the Site Admin) can do anything with it...right ?

 

in addition to that....

1) How an admin manages this kind of situation for OfB?  Is there a kind of dashboard available where one can see which onedrive spaces are orphaned and containing files ?

 

2) How does it look like for a Team Site ? Does the Site owner see's somewhere which documents are now orphaned ?

 

i hope my questions make sense. :)

8 Replies

Hey Stefan,

 

Start with this document located at https://support.office.com/en-us/article/Remove-a-former-employee-from-Office-365-44d96212-4d90-4027... and see if that will help answer your questions.

thank you josh

 

i'm aware of this support article but it explains just some areas which an admin "should" check whenever a user leaves the organization.

i'm more interested in if there is a dashboard (or whatever) available in which you see in one view which OfB's are "orphaned" and which Files do i have across SPO where the owner does not exist anylonger.

 

Imagine the following situation (which is in my opinion very common):

users are leaving the company but the admin does not find time to proceed with the mentioned tasks or has no information what to do all the files (from successor, department head...etc). So the process is more or less "on hold".

Then after weeks, months he may have forgotten to furhter continue with this.

Result would be that my O365 tenant gets more and more orphaned objects.

 

I'm sure i'm not the only one here seeing this as an important thing ...hopefully :)

 

I checked several 3rd Party tools, but couldn't find any which would cover this usecase here :(

 

thanks

 

 

 

Well, you dont pay for ODFB storage, so you will be fine :)

 

On a more serious note, there isnt any "orphaned" report that I'm aware of, but it should be relatively easy to produce one. Just get one of the scripts that enumerate ODFB sites and add a column to check whether the user is licensed, or whether the user account even exists. If you mean something like a "last time a file was accessed" type of reprot, you will have to crawl the audit logs, or better yet get a 3rd party reporting product that monitors this type of things.

 

As long as you have a proper "leavers" process, customized to your organizations' needs, the built-in tools and some scripting should be sufficient.

 

 

:) right, for OfB i would not pay any additional money for necessary storage but for certain subscriptions you would pay if you want to use more than 1TB on the OfB side. But lets ignore this for the moment :)

 

How would you see the orphaned stuff in regards to SPO Sites (e.g. obsolete/inactive sites, a.s.o)

SPO sites counts to the tenant storage. If you can remove obsolete sites you would save tenant storage and therefore you would not need to buy additional storage for 20cent/GB/month  in case you run out of storage space :)

Do you know how other organizations are handling this case ? Do they run housekeeping tasks monthly/yearly or do they just ignore this and buy storage as needed ?

 

i'm really curious to your answers :)

thank you

Well, that depends on your definitions. You can run a report based on "last modified date" for example, or even "last accessed date", then act upon it. Monhtly might be a bit too often, once or twice per year is more reasonable IMO. With the unified retention policies, you also have the option to automatically purge content now.

 

Then again, most organizations tend to pile stuff just because there might be a possibility it will be used in the future, however small that possibility is. That's why we have the issues with PST files, Public folders and pretty much every other system...

@Stefan Fried - did you get this answered?  I see it's a little dated, but wanted to check before assisting.

@Lou Mickley  "A little dated"....as in almost 3 years old.  lol

I and others would like to hear thoughts on best practice/solutions for this situation.

When a user is deleted in AD/AAD, O365 licensed revoked, the OneDrive library actively continues on INCLUDING existing sharing permissions until the tenant-wide OneDrive admin retention value counts down to 0 - then all the files are deleted into recycle bin, and 93 days later, permanently deleted.  These files can only be retrieved from the recycle bin via PowerShell since the user no longer active.

If you have access delegation turned on the Manager (defined in the AD attribute) automatically gets read/write access and if no manager defined, the defined secondary admin can have access automatically granted.