Systems Management Question

Removing disabled users from k1000?

03/01/2017 2577 views
I'm looking for information on how everyone is removing disabled users who were termed and originally automatically imported through LDAP from the kace applicance. Kace support says the only way to do this is by deleting all users, and then re-importing all current users through LDAP again.

This can't be the only way!

I've seen multiple requests (starting from at least 2011) asking for an automated feature to remove disabled users but can't find any info on if this was added in or not. I thought you could create smart labels for users who were disabled, and then manually clean it out one a month or so, but can't figure out how to create the labels (not an option in label creation). We have 10,000 user records, and only 2,000 current employees, so we'd like to clean up the database.

We are running k1000 version 6.4 currently.
1 Comment   [ + ] Show comment


  • Agreed! We've managed to accumulate over 10,000 users in our k1000, because there is no automated clean up of users that are no longer in LDAP. Received the same response from a support rep, advised him that this does not work, especially when you are talking about removing active users, with active tickets.

All Answers

Keep in mind that when you remove users their information is completely removed from Service Desk tickets. I.E. if user1 is the owner and user2 is the submitter in a ticket and both users are deleted, then the ticket will be blank for both owner and submitter. This is the reason we are not pruning users, even though there are 13,000 on the box.

If you still wish to do it, and don't want to do it the advised way, you'll have to use the "dark magic" of Custom Ticket Rules to explicitly drop columns from the USER table. However, I'm not even sure that will work.
Answered 03/01/2017 by: JasonEgg
Red Belt

  • I understand that the ticket owners would have issues if we just started deleting them, which is why we are archiving tickets first. We are looking to delete users who are currently not associated with any non archived tickets as the next step. According to the Dell rep we spoke to, the ONLY CURRENT WAY to prune users is to delete *all* users from the k1000, then re-import users through LDAP which we are not going to do as for the reasons we've already said.

    I was hoping someone had come up with a work around such as a disabled users smart label, but I've had no luck with this issue.
I also have a LDAP label pulling my users in. What we do is remove all the User labels in KACE for the person leaving. In Active Directory I move the individual's account from the Users container to Disabled Users. Then they don't get picked up in the LDAP anymore.
Answered 03/01/2017 by: AndrewQ
Green Belt

  • We also move them to disabled in AD and remove access in the kace system, but there needs to be an easy way to remove disabled accounts from the k1000. I feel its silly that you can easily import, but cannot modify or delete without doing so one user at a time.
Here's a query which will get you all users who are not associated with any tickets:
             (SELECT DISTINCT U.ID
              FROM `USER`     U
                   INNER JOIN HD_TICKET H1 ON H1.OWNER_ID = U.ID)
             (SELECT DISTINCT U.ID
              FROM `USER`     U

From there you could create a label, then use the user view to delete them. Not ideal, I know, but my only other idea is a Custom Ticket Rule with manual DROP... which is dangerous so I don't advise it. If you have a test environment, you could try the CTR there.
Answered 03/02/2017 by: JasonEgg
Red Belt

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login


This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ