Overview
This article provides the procedure to properly decommission an existing Active Directory (AD) or LDAP integration from the Druva console. This process is a necessary prerequisite for administrators planning to migrate from AD/LDAP to a different user provisioning method to avoid false positive alerts of connector disconnection.
Decommissioning AD/LDAP
This procedure details the steps to remove all dependencies on the existing AD/LDAP integration.
Prerequisites
Before you begin, it is highly recommended that you capture screenshots of all existing AD/LDAP mappings. This will serve as a reference for noting the filters, which will be helpful when creating new mappings in a different identity provider or user provisioning method.
Steps
Remove AD/LDAP Dependency from Profiles:
Navigate to each user profile.
Click Edit.
Under the General tab, change the Login Using method to inSync password. This removes the dependency on the AD/LDAP login method for each profile.
2. Delete AD/LDAP Mappings:
Navigate to the User Provisioning page.
Select all AD/LDAP mappings and proceed to delete them. All mappings must be removed before continuing to the next step.
3. Delete AD/LDAP Accounts:
Navigate to the Druva Cloud Settings page and then to the AD/LDAP page.
Under the Account tab, delete all configured AD/LDAP accounts.
4. Delete AD/LDAP Connector:
Navigate to the Druva Cloud Settings page and then to the AD/LDAP page.
Delete all configured AD/LDAP connectors.
Once all the above actions are completed, the AD/LDAP user provisioning is successfully decommissioned. You can now proceed to configure a new provisioning method from the user provisioning page.