Fortanix Data Security Manager - Sysadmin - Delete Users and Accounts

Introduction

This guide describes how a Fortanix Data Security Manager (DSM) System Administrator can clean up users and accounts when the users leave an organization.

Disable and Delete Accounts

Before deleting a user, first check that the user does not belong to any active accounts. If the user belongs to an active account, delete the account first. To delete an account, you must first disable it and then delete it.

Disable Account

When an account is disabled, it goes into a waiting period before it can be deleted. This ensures that an account is not deleted in error. The waiting period for account deletion in Fortanix DSM is 7 days. This cannot be configured.

WARNING

When an account is disabled, all access, crypto operations, and sessions for that account stop instantaneously.

To disable an account:

  1. Go to the Accounts page.

  2. Select the check box for the account to be disabled and click DISABLE to disable the account.  

    Figure 1: Disable account

  3. Once the account is disabled, see the Comments column in the Accounts table. It displays the waiting period during which the account can still be enabled.  

    Figure 2: Wait period for enabling account

  4. If you want to enable the account, select the Disabled only check box at the top of the Accounts page. This filters the list to show the disabled accounts.  

    Figure 3: Disabled accounts

  5. Select the check box for the account that is disabled and click ENABLE on top to enable the account.  

    Figure 4: Enable the account

Delete the Account

When the waiting period for re-enabling the account has been completed, the sysadmin can delete the account. To delete an account:

  1. Go to the detailed view of a disabled account.

  2. If the waiting period is still in effect, you will see a message that shows how many days remain before the account can be deleted.  

    Figure 5: Waiting period to delete an account

  3. When the waiting period has passed, the DELETE ACCOUNT button will be enabled.

  4. Click DELETE ACCOUNT to delete the account.  

    Figure 6: Delete account

  5. In the DELETE ACCOUNT window, click DELETE to confirm the account deletion.  

    Figure 7: Enter Sysadmin password

    NOTE

    When you delete an account, the action is irreversible.

Disable and Delete Users

Disable System Administrators/Operators

When a System Administrator/Operator is disabled, all the sysadmin access will be instantaneously terminated for that user, and they will no longer be able to select the System Administrator account after login. To disable a sysadmin/operator:

  1. On the System Administration page, click the USERS tab.

  2. Select the check box for the sysadmin/operator to be disabled and click the Disable button.  

    Figure 8: Disable user

  3. To enable the user, select the check box for the disabled user and click ENABLE on top to enable the user.  

    Figure 9: Enable the account

Remove the User as Administrator/Operator

To remove a user from the Fortanix DSM System Administrator or Operator role:

  1. Select the check box for a user to be removed as sysadmin or operator and click the REMOVE SELECTED button on top.  

    Figure 10: Remove user

    The user is now removed from the SYSTEM ADMINISTRATORS tab and will lose the sysadmin/operator privileges.

Delete the User

When a user is not part of any Fortanix DSM account, you can delete them. To delete a user:

  1. Go to the USERS tab on the Users page. Select the user to be deleted.

  2. In the detailed view of a user, click DELETE USER to delete the user.  

    Figure 11: Delete the user

  3. In the Delete User confirmation dialog, click DELETE to confirm the deletion.  

    Figure 12: Confirm delete

Edit the System Administrator/Operator Role

Sometimes there might be a need to switch a user’s role from System Administrator to Operator or vice versa. To edit a user role:

  1. On the USERS page, select the SYSTEM ADMINISTRATORS tab.

  2. From the list of system administrators/operators, hover over a user and click the Edit icon at the end of the row.  

    Figure 13: Change the sysadmin role

  3. In the Role column, click the drop-down for the user and change the role to Operator or Administrator.  

    Figure 14: Edit user role