Skip to main content
Auto-delete preserved users
Updated over a week ago

Overview

You can preserve a user in inSyncat any point in time. Such users cannot backup any more data.inSyncmarks the users as preserved using one of the following techniques:

  • Preserved manually by an administrator.

  • Preserved automatically through AD/LDAPsync process.

  • Preserved automatically when a user account is disabled or deleted in the IdP in case of SCIM deployment.


❗ Important

  • Auto-deletion of preserved users managed using AD or LDAP is handled by the AD/LDAP auto-synchronization job, which is part of the auto-synchronization feature. For more information, see Synchronize users with your AD/LDAP.

  • Auto-deletion of preserved users, which are manually managed or managed using SCIM is handled by the auto-deletion job.

Both jobs may run at different times. Hence, administrators might observe that the preserved users that are supposed to be deleted on a particular day are deleted at different schedules when these jobs are run by inSync.


By default, there is a limitation to the number of users that you can mark as preserved. The number of users that you can preserve is dependent on the number of preserved user licenses purchased by your organization. For more information on how to preserve a user, see Preserve Users.

As a Cloud administrator, using the auto-delete preserved users feature, you can control the number of preserved users in inSync by automatically deleting preserved users after a certain duration specified in the number of days.

When enabled, in sync automatically deletes users who are marked as preserved.


πŸ“ Note

  • Once the user is auto-deleted, the data of that user is also deleted frominSync. You cannot recover this deleted data again.

  • User data is retained or deleted based on the backup retention policy you have defined through profiles.

  • If a preserved user is under Legal Hold, such a user will not be deleted.

  • If a preserved user has shared data with guest users and has guest user accounts having access to the data, such a user will not be deleted.

  • If a preserved user has an active Shared/Resource Mailbox that is getting backed up such user will not be deleted.


Procedure

To enable auto-deletion of preserved users

  1. On the Endpoints console, click Profiles.

  2. Select the profile for which you want to enable the auto-deletion of preserved users.

  3. Select the Edit button at the top right.

  4. Click the Endpoints option from the dropdown. The Edit Profile window appears.

  5. In the Data Preservation area, click Edit.

  6. Under the User Settings tab, go to the Device Settings for Users area.

  7. Select the Auto delete inactive devices checkbox.

  8. Set the number of days in the Delete inactive devices after field after which the user and their data should be automatically deleted frominSync and click Save.


πŸ“ Note

  • The users to be auto-deleted must be in the Preserved state for a minimum of 30 days and a maximum of 366 days.

  • If a user has been in a Preserved state for 30 days and the number of days mentioned in the Delete preserved users after the box is also 30, then this user will be deleted during the next deletion job. Auto deletion is triggered every day at UTC 9:00:00.


Preserved users in a profile are deleted automatically based on the days specified in the profile, and the user is not on Legal Hold.


πŸ“ Note
​Before deleting user accounts that are managed using AD or LDAP, inSync checks the status of the inSync Connector mapped with Druva (independent of whether an AD mapping exists or not). inSync deletes the preserved user only if a connection between the inSync Connector and Druva exists. Preserved users are deleted irrespective of whether their accounts exist in the AD or LDAP or not.


The information and activities for the preserved users are mentioned in Preserved Users report.

Alert is sent to administrators if user preservation fails due to insufficient Preserved Users license. For more information, see Alerts.


πŸ“ Note​

  1. When a user is disabled or deleted in M365, post the sync, Druva preserves the user. User can stay as preserved and retain the data for life in Druva, however in a condition where preserved user is added to a profile where 'Auto-Delete Preserve User' option is enabled and 'Auto-Delete after β€œx” days' is set then in such scenario preserved user will get deleted as per the due date. Reference article - Preserve, enable, and delete users

  2. This behavior of the user being preserved and Exchange Online backing up successfully only occurs if the user mailbox is converted to a Shared Mailbox. Such preserved users will use Shared/Resource license in Druva and will not get deleted even in the 'Auto-Delete Preserved User' scenario. We can delete such users from Druva either manually from the Druva admin console or delete the Shared Mailbox from O365.


Did this answer your question?