We have CA Advanced Authentication including CA Strong and Risk Authentication 9.0 installed on windows servers. This solution connects to MS SQL database. We are using Active Directory as the user store. Now we see that users who are no longer part of the organization still have entries in database of ARWFOTP, ARWFARCOTID and ARWFQNA.
What is the best way of deleting all entries from the database for separated users. Does deleting the users from AD deletes entries from these database or we need to delete it manually?
Release : 9.0
Component : AuthMinder(Arcot WebFort)
When a user is removed from external repository( AD or LDAP) the respective credentials that user has, are not deleted and our recommendation is that when a user leaves the org and their information is removed from external repository, the credentials of the user should be deleted/disabled from Admin GUI too. This activity will only change the status but user information will still be present in DB, this is the recommended way. The user record is maintained for the Audit purpose.
If you need to delete the user information from credentials table then you need to run the delete queries specifically. You can get the USERREFID from ARUDSUSER table and then delete that entry from the credential table. If you need any help in doing this please reach out to Support and they should be able to help.