VAM | Leaver Process
Overview:
The below document contains the detailed procedure on how to perform user leaver request for VAM.
We will get the request from the client that includes the “Leaver IT Access Form” containing all the necessary information of the user who will be leaving the organization. Always double check if we have the approval signatures on the form before we proceed.
Client:
VAM
Please ask Ben/Stutee/Anthony/Paul to add the leaver form to the client's shared folder.
Steps:
Step 1: Get the user first name and last name from the form and check his last day.
Once you have this information navigate to -> ConnectWise ->Client name -> Azure HK -> PMM1 server (VAM-HK-AZ-PMM1) -> Select Control.
Once you're in the machine, Navigate to the AD server:
ADUC> vam.viridianam.com > VAM > HK > Users > 0365 > select the user and right click on the user > Reset Password.
Step 2: Once we have reset the user's password, we would need to update it the password vault.
Go to Devolutions > Zsubmission > Support > Leaver > Create User name and password > add > View
Step 3 : Navigate to O365 admin Centre > Users > select the user > User details will be popped up > Click on "Block sign-in" > Save changes.
Step 4: Removal of Distribution List membership.
To identify which DL groups that the leaver is a member of, we need to go to Azure Portal.
Portal.azure.com > Users > Search the User > Groups
Now, go to Exchange Admin center > Recipients > Groups > Distribution List > search for the DL name > View all and manage members > select the leaver's name and remove.
If the client requested the user mailbox to be converted to shared mailbox, this is how you will do it.
Go to Exchange Admin Centre > Recipients >Mailboxes > select the user > Convert to Shared Mailbox > Refresh > Validate.
Step 5: Removal of License
Please note that you cannot convert a user mailbox to Shared Mailbox if it no longer has a license. So be sure that you convert it first (If only specified in the Leaver IT Access Form) before removing the license.
O365 Admin Center > Search for the leaver's name > Licenses and apps > Uncheck the licenses.
Step 6: Disable account and Remove Group Membership in ADUC.
From Control Center, go to VAM and search for server VAM-HK-AZ-PMM1
Open Server Manager -> Tools -> Active Directory Users & Computers.
Right click on arc.arcmcap.com domain > Find > Search for the leaver's name > Find now > Right click on the leaver's name > Disable Account
Step 7: Capture group memberships in a notepad and save it to C:\Temp\Leavers in PMM1
Run this command in Administrator powershell to get all group memberships of the leaver.
Get-ADPrincipalGroupMembership username | select name
Copy the entire command with the results of the membership and save it as a notepad.
After saving the notepad in C:\Temp\Leavers, you may now proceed in removing all the group memberships of the leaver in ADUC.
On the Member Of tab > Select the first group the press and hold SHIFT key then press the last group membership to select all, then click Remove. Retain Domain Users.
Then move the leaver's username to Leavers OU.
Related Articles
VAM | New Joiner Request
Purpose: The below document contains the detailed procedure on how to perform new joiner request for VAM. Client: VAM Steps: 1. Log in to VAM PMM1 in CW 2. Launch ADUC > VAM >HK > Users > Right Click on O365 > New > User 3. Fill out First Name and ...VAM | Meeting Room Set-up
Purpose Purpose of the article is to have an overview of what is the current set-up in VAM Meeting room Client: VAM Category: Troubleshooting, Error, General Information We have removed the Poly Studio in their meeting room. They are now using a ...VAM | Citrix Workspace
Objective: This article will show you how to install and log in to Citrix Workspace and how to set-up 2FA. Client: Viridian Category: Information Steps: 1. Download the Citrix Workspace app from the link below on your personal laptop or home PC. ...Citrix Workspace Remote Desktop/Apps | Tips in troubleshooting
Purpose: This article will show you some tips that will help your troubleshooting with Citrix Workspace Remote Desktop/ App issues. Client: ARCM, LCA, VAM Category: Troubleshooting, General Information Keep in mind that any changes you make, (e.g. ...EFH Onsite Engineer Check - list (New joiner)
Purpose This KB article is to have a baseline process that can be followed by the On-site Engineer when they are setting up the machine for new joiner. Client EFH / Equities first Holdings Category Onsite, new joiner checklist Steps Link/URL of ...