Wondering how to stay on top of orphaned users in SharePoint and Microsoft 365? ShareGate makes it easy to identify orphaned users so you can maintain an organized and healthy Microsoft 365 environment.
This article was inspired by a particular user whom my colleague, Jimmy, and I are often interacting with. He didn’t want his name to appear publicly so, for the needs of this article, I’m going to call him Mathew.
Mathew is a Senior SharePoint administrator for a company employing thousands of people. He has been working there for 6 years already, and he was discussing how the company has changed over the past few years. He mentioned that a corporate restructuring took place, and some employees were let go.
Of course, he deactivated those users within the Active Directory of his environment, but they were not removed from site permissions and documents marked as being authored by them.
Finding and removing all orphaned users is a painstaking process. In sharing his scenario below, we walk you through how he tackled the task of finding orphaned users in SharePoint to meet the expectations set by his superiors and adhere to SharePoint security best practices.
Table of contents:
What is an orphaned user?
An orphaned user is a user account still referenced by SharePoint even though the user can’t access SharePoint anymore.
When you disable or delete a user from your Active Directory (AD), that user’s permissions and references in metadata fields such as Created by and Modified by do not get removed in SharePoint or Microsoft 365.
It’s important to note that an external user can also be an orphaned user.
Why you should clean up orphaned users
Cleaning these users is important because they may have site permissions or documents marked as being authored by them.
If you don’t do anything, your tenant becomes increasingly cluttered, making it hard for you and your users to find the resources that you need which can easily lead to frustration.
Check it out: 8 tips for planning your SharePoint
Finding SharePoint orphaned users
Mathew was essentially looking for a way to keep track of all SharePoint orphaned users across his farm. When we came back to him with info on what ShareGate can do, he sounded intrigued.
ShareGate would effectively reduce the amount of work he would have had to do in order to track orphaned users. ShareGate is Microsoft 365 management solution for migrations and everyday Teams and SharePoint operations. He was taken aback by how user-friendly and effective it was in meeting SharePoint best practices when it comes to user management in his Microsoft 365 environment.
Back to the specific case of orphaned users. What he did to access this information was pretty simple. He first connected to his SharePoint and Microsoft 365 environment and then selected the ‘Reports’ feature.
ShareGate provides custom and built-in reports that give you a total overview of your SharePoint and Teams inventory.
In his case, he selected the ‘Orphaned user report’ among the options.
Doing so prompted him to select the targets of his search within his SharePoint farm. In his case, he wanted to search across the entire farm, which is achieved by simply checking the box on the left side of the desired target.
Once all his search criteria were set, Mathew simply clicked on ‘Next’.
From this point, all he had to do was hit the ‘next’ button, and let the magic happen while enjoying the pleasure of biting into a juicy red apple. A couple of seconds later, all the orphaned users appeared, saving him plenty of hours of work.