To delete, or not to delete?
Summer’s here!
At least, that’s what I’m told – I just wish the weather would show it… I also know that for many IT administrators the next few weeks can be the busiest of the year. One of the processes that many will be familiar with is deleting the leavers and creating accounts for all the joiners. So, what are the choices in Live@edu? Do you delete everyone or are there other options?
First, lets look at some of the reasons why you’d want to delete your Live@edu users once they leave your institution:
- Makes managing users less cumbersome
- Increases accuracy of usage figures
- Ensures no abuse of the institution name either by rogue students, or would-be hackers for those dormant accounts
- It’s a clean break from your institution’s IT facilities.
So why would you want to keep the accounts?
- Builds your institution brand with your alumni – particularly in universities this can be a powerful tool
- Provides an easy way to stay in touch with students after leaving
- Allows students to keep their Windows Live SkyDrive contents, as well as Xbox Live and Zune points and purchases
- Leaves students an account they can continue to use when going through the UCAS process, or applying for jobs after graduation
De-Provisioning
Thankfully there are a few options for de-provisioning users that allow you to get the user experience you want. You can choose to delete the mailbox and corresponding Windows Live ID completely, thereby removing access to the entire service including SkyDrive, Xbox Live, Zune and any other Windows Live service. Alternatively you can delete the mailbox but keep the Live ID.
In PowerShell, to delete the mailbox and the Live ID:
Remove-Mailbox <Identity>
To delete the mailbox and keep the Live ID:
Remove-Mailbox <Identity> –KeepWindowsLiveID
This can also be done through the Exchange Control Panel. There are some things to consider, though:
- Typically, a deleted mailbox is visible when you run the Get-RemovedMailbox cmdlet or on the Deleted Mailboxes page in the Exchange Control Panel. To access the Deleted Mailboxes page, select Manage My Organization > Users & Groups > Mailboxes > Deleted Mailboxes
.
If a deleted mailbox isn't recoverable, it won't appear on the list. When isn't a mailbox recoverable? See Deleted Mailboxes.
To recover a deleted mailbox, see the following topics:
When you delete a mailbox and keep the Windows Live ID using the Remove-Mailbox cmdlet with the KeepWindowsLiveID parameter, you can associate the Windows Live ID with a new mailbox. See Create a New Mailbox for an Unassociated User ID.
When you delete a mailbox and don't keep the Windows Live ID, you can recover the associated Windows Live ID when you recover the deleted mailbox. However, you need to change the password.
Alumni & PCNS
If you’re using some identity management software, such as Microsoft Identity Lifecycle Manager 2007 FP1, with the Password Change Notification Service you will need to consider how you’re going to manage alumni IDs, as you’ll likely have disabled the feature in the Service Management Portal for users to be able to manage this through Live@edu. If you want to keep alumni accounts in the same domain as your other users you will need to keep the alumni users in your Active Directory too, and manage password change requests accordingly; however, if you move alumni into a separate domain (i.e. an accepted domain), you can allow those users to change their passwords manually.
Photo by Loren Sztajer