Using the unregister feature, users registered to the Password Manager can be removed. Note that the user is removed only from the Password Manager and not Active Directory.
To unregister a user from the Password Manager
-
On the home page of the Administration Site, click General Settings > Unregister Users.
-
On the Unregister Users page:
-
If you want to unregister individual users, expand the Select Users tree, click Add, manually search for the individual user, select the required user from the results, and click Save.
-
If you want to select a user group, expand the Select Groups tree, click Add, manually search for the individual groups, select the required group from the results, and click Save.
-
If you want to select the entire organization unit (OU), expand the Select Organizational Units tree, click Add, manually search for the individual OU, select the required OU from the results, and click Add.
-
-
Click Unregister User to unregister the users.
NOTE:
-
To run the task at a specified time, select the Schedule at, specify a time to run the task, and click Save.
-
If a task to unregister an user is scheduled at a later time and you want to unregister the user at the current instance, click Remove Setting to delete the scheduled task settings and click Save.
-
If you have the Domain management account configured with a user other than the Active Directory Administrator then, make sure that the Write permissions are available to the storage attribute of the security questions (comment, by default) for all the users/ groups/OUs that is configured to be unregistered.
-
If the users/ groups/ OUs that needs to be unregistered are a member of Readers/ Administrators group in the ADLDS then, the Write Permissions are already inherited.