Hello!!

Due to a change in the scope by our client reducing the number of organizations and users included in the scope when we were closed to go live, I need to clean the IGI database to do a reconciliation of organizations and users from scratch.

Is there any process or SQL script to clean organizations, users and account easyly, quickly and securely?
I'm scared about let some rubbish information stored in the system and to have some problems when I reconciliate again with the new scope.

Should I use the tool to do a massive delete of users by uploading a XLS file? I'm not sure what will be the state of the accounts after this. 

Thanks in advance.

Kind regards.

------------------------------
Juan Manuel Prado Iglesias
IAM Expert
------------------------------

Hi Juan Manuel,

Unpicking individual data objects can be challenging in IGI - eveything is linked. IGI also likes to keep many objects to ensure the integrity of its audit trail (often objects aren't really deleted, just hidden). You could run remove bulkload operations or CSV deletes, but you run the risk of not capturing everthing. Selectively deleting rows in DB tables via SQL carries an even higher risk.

If you want a clean database, it may be simpler to rebuild it from scratch (i.e. create a new DB instance and get IGI to populate it).

If you just want to delete users, accounts, and orgs, you may be able to delete all the applications (manually, or via a bulkload remove) which would clean up all accounts and permissions. Then you could remove the users (bulkload would be easiest, you could create a bulkload report of users and run that against a remove bulkload), then remove the orgs (again bulkload if you have a large tree, and using a report to generate a bulkload file list of orgs).

------------------------------
David Edwards,
WW Tech Enablement SME for IGA and PAM Products
IBM Security
------------------------------

Original Message:
Sent: Tue October 01, 2019 05:55 AM
From: Juan Manuel Prado Iglesias
Subject: How to clean IGI Database (Organizations, users, accounts)

Hello!!

Due to a change in the scope by our client reducing the number of organizations and users included in the scope when we were closed to go live, I need to clean the IGI database to do a reconciliation of organizations and users from scratch.

Is there any process or SQL script to clean organizations, users and account easyly, quickly and securely?
I'm scared about let some rubbish information stored in the system and to have some problems when I reconciliate again with the new scope.

Should I use the tool to do a massive delete of users by uploading a XLS file? I'm not sure what will be the state of the accounts after this. 

Thanks in advance.

Kind regards.

------------------------------
Juan Manuel Prado Iglesias
IAM Expert
------------------------------