Orphaned Sheets after AD termination
We manage all our users/licensing through AD integration. If an employee leaves and I'm not notified promptly, IT deletes their AD account and any sheets etc. they own become 'orphaned'. They still exist and can be viewed, but are locked and you get error messages that the owner is not part of our organization. I can manually create a dummy user through the Smartsheet Admin UI with the same email address and the sheets become more functional, but I still can't take ownership (even as a sheet/workspace admin). For security/audit reasons, creating a dummy user in AD is not a popular option at my company, so I'd really like a way to force the ownership transfer.
BONUS POINTS on the product roadmap. As an enterprise customer, I'd LOVE more control over how my email domain can be managed. I feel I (Account Admin) should be able to access any object tied to the registered domain/s of my enterprise account, and I'd love to be able to block unauthorized account creation using our emails. My security team would buy you dinner.
Answers
-
@Steve C. I am fairly sure that the AD to SmartSheet integration can be configured so that sheets and other objects are transferred to a default SS account when someone loses their license because their AD account is deleted.
I negotiated with our AD and security team that I could login as this service account (we call it Escrow) so that I can see any such sheets and transfer them to whoever needs them.
I'll buy lunch and a day at the spa for whoever enables the ability to "... block unauthorized account creation ..." (But they need to fly to Winnipeg ;) )
Cheers,
dm
-
So that's dinner in Seattle and lunch with spa in Winnipeg if we get the feature - "Users cannot create a stand-alone account using an email domain tied to an Enterprise client." 🍽️
Who else is in?
-
Thanks Dale. I'll have our AD team look into that.
