Deleted users sent to the Recycle Bin show up in the ACLs where the user has explicitly granted perm (NETIQKB28053)

  • 7728053
  • 02-Feb-2007
  • 19-Jun-2007

Resolution

fact
Directory and Resource Administrator 6.x

fact
Directory and Resource Administrator 7.x

symptom
Deleted users sent to the Recycle Bin show up in the ACLs where the user has explicitly granted permissions on a file share.

cause
The product is working as designed.

fix
When a user account is sent to the Recycle Bin, the account is disabled and removed from all groups.  However, the user will show up in the ACLs on any folder where the account was explicitly granted access.  The ACLs are stored locally on each machine and since this information is not stored in Active Directory, in order for DRA to remove the user from the ACLs, it would need to query each machine on the network and check the ACLs on each folder and file. This would take a considerable amount of time and thus would not be practical to do since all machines may also not be available during the time the user is deleted.

Additional Information

Formerly known as NETIQKB28053