Deleting Users from Mimecast

Document created by user.oxriBaJeN4 Employee on Sep 14, 2015Last modified by user.oxriBaJeN4 Employee on Apr 2, 2019
Version 10Show Document
  • View in full screen mode

Administrators can delete user accounts from either their Mimecast account or their internal LDAP environment. Typical reasons for doing this are account management or ensuring inbound messages to a user are no longer accepted by us.

User accounts cannot be deleted until all accepted messages (e.g. messages in the delivery or held queues) for that user are processed by us.

Address Validation

 

We provide different options to validate the recipient of an inbound message. The recipient validation method configured for your internal domains, and the status of the user account, determines if the message is accepted by us. Email accounts have an icon that displays their status. For example:

  • Whether it is added to the internal domain based on a directory synchronization.
  • Because it's a known recipient (i.e. we've previously processed a message for the email address and added the account to the internal domain).

 

For example, if the recipient validation method is set to LDAP users only, and the user account status is "Known Recipient", an inbound message to this address is rejected as an invalid recipient. However if recipient validation is set to "Known Recipients" messages are accepted for any LDAP or manual email addresses in the internal domain.

Validation methods can be configured differently for each of your internal domains by a user with a role to configure domains (e.g. Basic Administrator). See the Manage Recipient Validation page for further details.

Deleting Users from Mimecast

 

We recommend you don't delete email address accounts from your Mimecast account. If an address is deleted from the user directory, any active items relating to that user (e.g. accepted email) won't be added to the archive and won't be available. However all email in the archive is available if you perform an archive search.

 

You cannot delete directory synchronized email address accounts from your Mimecast account, as they would be readded during the next directory synchronization. To delete user accounts, they must be removed from your directory, and then removed from Mimecast.

 

Once completed, the user is added to a purge list. A task is automatically scheduled at midnight to remove users from the purge list, providing there is no active mail for them (e.g. held / accepted messages).

A retention adjustment can also be used to permanently remove messages for a specific user from the archive if required.

Deleting a Single User

 

Address_purge_confirmation.pngTo delete a single user from Mimecast:

  1. Log on to the Administration Console.
  2. Click on the Administration toolbar menu item.
  3. Select the Directories | Internal Directories menu item.
  4. Click on the Domain to which the user's email address belongs.
  5. Right click on the Email Address to be deleted.
  6. Select the Purge Address menu item.
  7. A warning notification is displayed (see right) that includes a list of all the log entries that will be purged.
  8. Click on the Confirm Data Removal button inside the notification.

 

Deleting Multiple Users

 

To delete multiple users:

  1. Log on to the Administration Console.
  2. Click on the Administration toolbar menu item.
  3. Select the Directories | Internal Directories menu item.
  4. Click on the Domain to which the user email addresses belongs.
  5. Select the Tick Box on the left of each email address to be deleted.
  6. Click on the Purge Selected Addresses button.
  7. A warning notification is displayed that includes a list of all the log entries that will be purged:
  8. Click on the Confirm Data Removal button inside the notification.

 

Removing Users from the Purge Address List

 

When a user's account is deleted, it is added to the purge list. You can remove users from this list to reverse a user's deletion.

  1. Log on to the Administration Console.
  2. Click on the Administration toolbar menu item.
  3. Select the Directories | Internal Directories menu item.
  4. Click on the View button.
  5. Select the Address Purge List menu item.
  6. Right click on the Email Address to be removed.
  7. Select the Remove Item menu item.

 

Deleting Users from Active Directory

 

When accounts are deleted from Active Directory, the account isn't deleted from Mimecast. Instead it's status is changed from "Extracted from Directory" to "Message in Transit" once the next directory synchronization is performed. This means that if your recipient validation is set to "Directory Users" only, external senders will no longer be able to send messages to these addresses. Only users with a cloud password for that account can access the content of the messages for that address.

A protection mechanism is in place that only allows 10 Active Directory addresses to be updated during a synchronization. This is to prevent any mass changes should a customer experience a configuration issue internally.

See Also...

 

Attachments

    Outcomes