graph/users: enable/disable users #3064
Comments
|
@pmaier1 I could imagine that we "disable" the users home space when he disappears in LDAP. We still have one challenge: If the user has been the only "manager" of a project space, it will result in a "stuck" situation. We will certainly need a solution how to unblock a space with a kind of "multi-factor" process. @hodyroff like we discussed that already. |
micbar
added
Interaction:Needs-Concept
p3-medium
Type:Epic
|
I would like to discuss that in Product Board. |
|
PB
This needs a general solution as there are other ways to produce this scenario (e.g., simply deleting the last "manager" user). |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 10 days if no further activity occurs. Thank you for your contributions. |
|
Basic support for enable/disable users has been added here: #5588 |
Describe the problem
Our current implementation of the graph API does not allow to query the enabled/disabled state of users. Neither does it support setting it.
For the case where our libregraph implemenation is backed by our own User/Groupmanagement libregraph/idm (or another LDAP Server under our control) we can "invent" our own scheme of enabling/disabling users.
For cases where our libregraph is backed by an extermal service i.e. a read-only Active Directory we need some more flexibility to support whatever the external service provides. For AD e.g. that would need we need to supported the userAccountControl Bitmask attrribute.
Product considerations
Ways to handle it
The text was updated successfully, but these errors were encountered: