Our client faced difficulties in managing user accounts across various stages of the employee journey. With multiple stakeholders including business partners, third-party vendors, agents, and employees, they wanted to revoke accessibility and delete the user accounts on time to prevent data theft.
However, the client’s outdated HR system relied heavily on human interventions and overseeing the user deletion process. This led to inefficient resource allocation and business downtime.
Our client required the streamlined process to address these challenges.
Continue Reading
- Revoke access for relieved or terminated users,
- Reactivate accounts for returning employees within the leave of absence tenure,
- Implement hard deletion of inactive user profiles across multiple platforms till the cut-off date.
Manual handling of these processes was time-consuming and error prone. So, they sought a team of experts to achieve these goals.
Solution: Automating user deletion process with Okta workflow and PowerShell
We analyzed the client’s IT infrastructure and user de-provisioning business logic. By gaining an in-depth understanding of their HR operations, we devised a strategic solution to automate the user hard deletion process.
Our IAM experts recommended a combined approach utilizing Okta workflow and PowerShell to automate user deletion across Okta, Active Directory, and O365 platforms.
The solution was designed to address each specific challenge:
- User account de-provisioning: Upon the termination or relief of employees or agents, the system will automatically trigger the de-provisioning of the Okta account. Subsequently, the integrated Active Directory and O365 accounts will be disabled through agents and connectors by leveraging Okta Workflow. We introduced a centralized hard deletion table that stored relevant information, including creation and expiry dates to manage the user profile.
- Organizational Unit movement: A PowerShell script was developed and triggered periodically at regular intervals. When users are terminated, the script pushes their respective active directory accounts from the existing organizational unit to a disabled organizational unit.
- Hard deletion process: To automate the user deletion process, we deployed another custom PowerShell script. This recovers the user profiles that have the current date as expiry date from the hard deletion table. Upon retrieval of records, the user accounts in Okta, active directory, and O365 will be deleted permanently.
Overall, the entire workflow from de-provisioning user accounts to hard deletion was automated using a customized Okta workflow and PowerShell script solution.
Benefits: Achieving an effortless IAM management process
After automating the user deletion process,
- The client experienced a 65% reduction in the efforts required for user de-provisioning.
- The client saved 57+ hours on their HR operations, leading to effective resource utilization.
- They were able to reduce the risk of manual errors by 89%.
- Both the HR and IT teams were able to focus on critical tasks rather than manual Okta user movements.
Ready to automate your internal workflow with cutting-edge solutions?
Our zeb experts streamlined the user deletion process, substantially reducing the efforts of the client. Contact our team today and discover how our automated solutions can transform your organization’s user deletion processes.
+1 732 737 9188
sales@zeb.co
