Here is simple piece of code to purge kace users not associated with tickets. This will maintain the historical ticket data and cleanup superfluous kace user accounts brought in from LDAP that aren't or are no longer being used. This was run as an adhoc ticket rule to cleanup the entries. I don't recommend letting it run automatically as it is a deletion statement and the way its written its *very* inefficient. It took about an hour to process about 5,000 users in our instance.

Before you even consider this, please run the daily backup task of the kbox. THEN pull the backups via FTP. Do NOT rely on downloading the backups via the web browser. I highly recommend scripting a regular backup pull via ftp. Once you have the newest possible backup files, make a copy of them and then consider if you would like to try the cleanup. 

Use at your own risk. 

select statement:

SELECT USER.*

 from USER

where (not exists(select 1 from HD_TICKET
where HD_TICKET.SUBMITTER_ID = USER.ID )) 
AND USER.USER_NAME != 'Admin'
AND USER.USER_NAME != 'R1' 

Update statement:

DELETE
USER.*

from USER

where (not exists(select 1 from HD_TICKET where HD_TICKET.SUBMITTER_ID = USER.ID )) 
AND USER.USER_NAME != 'Admin'
AND USER.USER_NAME != 'R1' 

After this runs, you can reimport LDAP users with your typical settings/schedule and will have effectively refreshed to the latest users in ldap at that time. 

To only import active LDAP entries, consider the following filter:

(&(mail=KBOX_USER)(sAMAccountType=805306368)(!(userAccountControl=514)))