Delete the Users from Directory

@Pramodh M Jira Server/DC will not let you delete users if they are referenced somewhere in the data. This problem only applies to Confluence. Unless you mean "delete" as "delete the whole directory"?

@Ed Letifov _TechTime - New Zealand_ Yes you are right, Jira will not let you delete the user if referred in components, an assignee, reporter, or a project lead.

Another good option might be to just anonymize the user instead of deleting, if not possible. 

I was not mentioning about the whole directory

I plan on using Azure AD, however since I was testing the migration of the server instance, it migrated the users as well. So if I am understanding it correctly that after the projects, data etc is migrated, I can setup Azure AD as IdP and then remove those not needed? Currently I have more than 500 users, what's a good way to bulk remove them?

Thanks.

-S  

So what is a good way to delete the directory in the Cloud?

-S

@IT Group see my other answer about "the good way"

Azure AD will "take over" the users that match by email, and from that moment if a user is disabled/enabled in AD – this will be reflected to Cloud, same as group membership. If a user disappears from the scope of sync – the user will be disabled in Cloud too. See this page for details: https://support.atlassian.com/provisioning-users/docs/understand-user-provisioning/

However, IdP won't do anything to those redundant users who already exist in Cloud but not in AD (i.e. long gone remnants that were pushed from the Server during migration) – you should deactivate them as described.

Our recommendation (we are a Platinum Atlassian Solution Partner in New Zealand and Australia) is NEVER to delete a user in Cloud (as it leaves "Former User" references – i.e. no traceability), unless it is in fact a privacy "forget me" request or the account is clearly an incorrect i.e. unverified one.

You cannot delete the directory in cloud and should not be performed in server as well.

These users are required on cloud Atlassian site. Now if we talk about those that are not needed, just remove those users once they users are migrated over to the Cloud and then integrate AD. This should work.

@Pramodh M 

The main problem that unlike Jira Server/DC that will not let you delete a user record that has references in the data – Cloud will happily delete and anonymise the data.

There is really no easy way to tell if a user who looks "redundant" now didn't create an issue or leave a comment or edited something 2 years ago while on Server.

So, our advice is always: don't "remove", don't "delete" – only "deactivate"

Yes, I agree. I believe the reference is made only for those accounts that are redundant meaning, they might have left the company or they might be duplicates. Either way, we way to take an action on those atleast!

Thank you all for this information. The scenario I have is slightly different. These were test migrations and even one through a sandboxed environment. So before I run a migration for a production environment, I would like the Directory to be empty. But it seems like there doesn't seem to be an easy way to do so except using the User Management app.

Thanks.

-S

@IT Group 

The Directory contains all your managed (i.e. from your email domains) users across the whole cloud, not just your sites – in other people sites, Trello, University, this very Community.

Atlassian's migration tools are smart enough to MERGE whatever is coming from Server to Cloud. A clean empty directory at the target is not a pre-requisite and can't be achieved in the first place for many organisations.

Imagine these scenarios:

1) You've migrated, into a site with an emptied directory, only pushed your current users. Everything looks perfect and life is bliss. Go forward 2 years. New people joined, but some people left. Once they leave you don't want to delete them, you deactivate. So your directory is not "active users only".

2) Your organisation has been using Cloud in some form (e.g. with Trello) before this migration, so you already have some users in Cloud – some are active, some deactivated. Now you need to do the migration – you can't delete users who are using another product right now. So you push extra 2000 users, then deactivate 1500 of these. Same result in terms of directory.

So, don't worry about the directory state before migration. Only worry about deactivating users after migration. Deactivated users can't login and don't affect billing – so who cares if they are there?