Avaya Aura® Device Services periodically synchronizes user data with enterprise LDAP servers to keep the internal user database up-to-date. If a user is deleted or marked as inactive in LDAP, Avaya Aura® Device Services deletes this user from the internal database. Therefore, the user will be deleted from all services that use this database, such as Avaya Spaces or Automatic Configuration.
In some cases, LDAP might indicate that a user is deleted or marked as inactive although the user remains in LDAP. For example, this might happen if the email attribute is not mapped correctly to a user in LDAP or if an invalid search filter is configured on an LDAP server. Consequently, deleting the user from the Avaya Aura® Device Services database might cause a service disruption for the user.
Avaya Aura® Device Services can track the number of users deleted or marked as inactive in LDAP between two consecutive synchronization events. A large number of deleted or inactive users might indicate that LDAP is providing an incorrect status for some of these users to Avaya Aura® Device Services, in which case deleting them from the internal database might not be required. You can configure Avaya Aura® Device Services not to automatically delete users from the internal database when the number of users deleted from LDAP exceeds a certain threshold. If Avaya Aura® Device Services detects that the number of users deleted from LDAP since the last synchronization exceeds the specified threshold, Avaya Aura® Device Services does the following:
Displays a warning on the Enterprise Directory page of the web administration portal prompting you to confirm the user deletion.
Raises an alarm on System Manager or on another SNMP server configured in your deployment.
You must manually confirm or abort the user deletion from the internal Avaya Aura® Device Services database. Avaya Aura® Device Services keeps the users pending deletion in the database until you explicitly confirm the deletion.
If the number of users deleted or marked as inactive in LDAP since the last synchronization event does not exceed the threshold, Avaya Aura® Device Services deletes these users from the internal database automatically.
Note:
Operations on the internal database do not affect LDAP user data. For example, if you decide to keep in the internal database a user who was deleted from LDAP, this user is not restored in LDAP. This user will exist in the internal Avaya Aura® Device Services database only.
If you do not use automatic synchronization with LDAP servers, Avaya Aura® Device Services tracks the number of users deleted from LDAP since the last forced synchronization.
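The following Python sketch models the threshold behavior described above, including the confirm and abort decisions. It is an added example, not Avaya code: the class name Directory, its fields, the user names, and the choice to recompute the pending set on every synchronization are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Directory:
    """Hypothetical model of the internal user database (not Avaya code)."""
    threshold: int                               # assumed name for the configured limit
    users: set = field(default_factory=set)
    pending: set = field(default_factory=set)    # held until an administrator decides
    alarms: list = field(default_factory=list)   # stands in for the portal warning and SNMP alarm

    def sync(self, ldap_active):
        """Reconcile with the users LDAP reports as present and active.

        Applies to automatic and forced synchronization alike. Assumption:
        every sync recomputes the pending set from scratch.
        """
        gone = self.users - set(ldap_active)
        if len(gone) > self.threshold:           # "exceeds": strictly greater than
            self.pending = gone
            self.alarms.append(f"{len(gone)} users pending deletion, confirmation required")
            return "held"
        self.users -= gone                       # at or below threshold: automatic deletion
        self.pending = set()
        return "deleted"

    def confirm(self):
        """Administrator confirms: pending users are removed."""
        self.users -= self.pending
        self.pending = set()

    def abort(self):
        """Administrator aborts: pending users stay in the internal database."""
        self.pending = set()


def demo():
    # Constructed sample data: five users, threshold of two.
    d = Directory(threshold=2, users={"ann", "bob", "cat", "dan", "eve"})
    first = d.sync({"ann", "bob", "cat", "dan"})   # one real departure
    second = d.sync({"ann"})                        # e.g. a broken search filter hides three users
    held = sorted(d.pending)
    d.abort()                                       # fix the filter first, delete nothing
    return first, second, held, sorted(d.users), len(d.alarms)


if __name__ == "__main__":
    print(demo())
```

In the demo, the second synchronization leaves all four remaining users in place because three apparent deletions exceed the threshold of two, and aborting keeps them until the LDAP configuration is corrected.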