[horde] delete all data from inactive users and old data from active users

cheese at nosuchhost.net cheese at nosuchhost.net
Wed Jul 18 14:45:01 UTC 2018 


On Tue, 17 Jul 2018, Arjen de Korte wrote:

> Citeren cheese at nosuchhost.net:
>
>> hi
>> 
>> i have two goals:
>> a) completly delete old users, as those are no longer entitled to use our 
>> service. i think feeding their usernames to horde-remove-user-data should 
>> to the trick. is this sufficient?
>
> Probably not. It depends on the authentication backend in use. In many cases, 
> users are authenticated against an IMAP server. If you don't remove their 
> account there, they will probably be able login after you removed the user 
> data and start all over again. You really should remove the user from the 
> authentication backend and only after that, remove the user data.

the users are already deactivated in the auth-backends. i just need to 
"clean" horde.

>> b) i would like to delete OLD data for users with several 
>> active-sync-enabled devices. some of our users change their devices quite 
>> frequently or had to reset their desktop-outlooks,... i assume there should 
>> be some syncstate on a per email/contacts/... -device-user basis. i would 
>> like to delete such syncstates older than eg 1 year. is there some script 
>> to accomplish that?
>> i already looked at horde_activesync_state, but would need some "educated" 
>> advise there.
>
> Automation may not be the answer here. I would configure Horde to allow only 
> one or two ActiveSync devices per user through the Permissions system 
> (Horde->ActiveSync->max_devices). This makes the user responsible for removal 
> of the old devices (horde/services/prefs.php?app=horde&group=activesync) 
> before they can add a new one and prevents you from accidentally erasing a 
> dormant device without explicit approval from the user. People hate it when 
> devices have to go through an unexpected resynchronisation while on the road.

thats not possible in our situation. and our users would never expect to 
do that themselves. the text "NOTE: WIPING A DEVICE MAY RESET IT TO 
FACTORY DEFAULTS. PLEASE MAKE SURE YOU REALLY WANT TO DO THIS BEFORE
REQUESTING A WIPE" is not building confidence. no user will click onto
anything on a page with that text. i think i will try to find "what" that 
button does in the background. we assume - and communicate with our users - that 
devices without communication for 1 year wont come back.

will come back with any findings.

> -- 
> Horde mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>
>

More information about the horde mailing list