Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,298,354
Community Members
 
Community Events
165
Community Groups

Azure Provisioning - Oops - Provisioned everything!

In re-setting up the user provisioning (in a new Azure Atlassian Cloud app) I apparently managed to sync everything from AD, including shared mailbox "users," other non-staff user accounts and every group in the directory.  Gak. Shake-fist.

The question now is - how do I effectively REMOVE all of this?  (cleanup on Aisle 8, please)

I can manually remove groups - a pita, but do-able.  But I can't seem to remove users - they're all "managed by my identity provider." 

If I  nuke the App in Azure AD and remove the directory in Atlassian Access, will that allow me to remove all of this excess baggage I didn't want/mean to add?

FWIW - I set up the app to include only a single group with 1 user. Yet, I managed to slurp in it all. 

Hrumph for learning the hard way. Thanks in advance for your insights. 

1 answer

1 vote
Dave Meyer Atlassian Team Jul 11, 2021

Hi @Jennifer Osborn ,

Unfortunately removing the app in Azure AD and deleting the directory won't remove the accounts on the Atlassian side. If you remove all of these non-"users" from the app in Azure AD, then the accounts will get deactivated on the Atlassian side (so at least you won't get billed for them)

If you would like to fully clean them up, you will need to delete the accounts on the Atlassian side. It's not possible to do this in bulk or via API as far as I know, but it can't hurt to contact Atlassian support as we may have an internal way to do it.

>I set up the app to include only a single group with 1 user. Yet, I managed to slurp in it all.

Hmm, I'm not an Azure AD expert so I'm not sure what could have caused this. I'm looking at the "Tip" on this page and perhaps this was the cause? https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/define-conditional-rules-for-provisioning-user-accounts

Screen Shot 2021-07-11 at 6.25.09 PM.png

Hi Dave! Thank you for the response. 

I've manually (sigh) removed the full directory of groups, and with a little patience (I'm not sure what changed) I was able to delete the user/service accounts that had no business in our Atlassian Access suite.

It was a time consuming, "click each user, delete, confirm, confirm, return to list, repeat," but it's done. 

Feature request - bulk management in Access :)

Like # people like this

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Atlassian Access

Atlassian Access Demo Q&A Recap

Hi Community! Thank you to all who joined our ongoing monthly Atlassian Access demo! We have an engaging group of attendees who asked many great questions. I’ll share a recap of frequently ask...

1,153 views 4 4
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you