We have been running One Identity Manager now for many years but have never been deleting any Persons/accounts. We are now close to having 40k perm. disabled users and i would like to implement a clean-up deletion process.
My goal is to automatically delete any Person that have been perm. disabled for more than 2 years. What is the best practice of doing this? I have read that some are using the QER_PPersonDelete_GDPR as clean-up. Would this be a good solution to create a process that runs QER_PPersonDelete_GDPR on all Persons that are perm. disabled and their leaving date is more than 2 years back in time?
If i run QER_PPersonDelete_GDPR for a user that has outstanding accounts connected usch as ADS acocunt etc, what will happen to those? Will they get deleted as well or do they need ot be deleted before the process is triggered?
What if they person for some reason has connected target system accounts that are not marked as outstanding. Will those just be deleted from the database if so?
Version 9.1
How are you guys handling your clean-up of perm. disabled users?