What to do when someone leaves the company?

With a Discourse setup that only allows SSO to a corporate infrastructure, what are the recommendations for what action to take when someone leaves?

As I understand it, the options would seem to be:

• Deactivate the account
• Suspend the account
• Delete the account
• Anonymise the account

Some of these are discussed in https://meta.discourse.org/t/suspend-a-user-forever/42629/5 but one of those options - Deactivate the account - doesn’t seem to have a corresponding API call, unless I’m missing it?

I don’t want to delete the account because that would delete the corresponding posts? I don’t want to anonymise the account because that would lose the information as to who posted in the first place.

I could suspend but it looks like I would need to increase the suspend timeout.

Any thoughts on best practice for this scenario?

Thanks.

If SSO won’t allow them to log in, why not just do nothing?

You could add them to a “former employee” or “alumni” group that had a badge signify that they’re no longer at the company.

I would ensure I killed off all the existing sessions for the user though by clicking Log Off on the admin user page.

So my full process would be:

1. Make user non-staff, revert any TL that was set manually.
2. Add title “former employee”
3. If it ended on bad terms: suspend user forever
4. Head to admin user page and click “Log Out” on user admin page.

Just so I’m clear. By “click Log Off” you’re referring to the “Force browser refresh” button under Last IP Address?

@Mittineague No, there is a Log Out button in the top right of the user page:

Regards

Philip

We let email bounces automatically deactivate the account:

Thanks, I was thinking in Moderator mode, not Admin mode