Users who are no longer in Active Directory remain in PGP Encryption Server. This makes the Internal User count inaccurate. If PGP Server uses LDAP Synchronization with Active Directory, it also results in the Groups log in the Reporting / Logs page of the PGP Server administration console containing warnings about users who cannot be found.
The Groups log contains warnings like this:
WARN pgp/groupd[2761]: LDAP-00000: failed to map consumer "Example User" (756056ec-7906-4560-bb08-d839c71db118) to a directory
PGP Encryption Server 10.5 and above.
This is by design. Users are not deleted for two main reasons:
Reasons why you may wish to delete user accounts from PGP Encryption Server include the following:
If you wish to remove users from the PGP Encryption Server systematically, please reach out to Broadcom Encryption Support for further guidance.
ISFR-2455
EPG-23205