Over time, you will add and remove users from the Active Directory (AD) associated with your SharePoint or Microsoft 365 environments.
When you remove users from AD, they become orphaned users, and their permissions remain even though they no longer have access to your environment.
We recommend that you remove these permissions to:
Keep your permissions more organized and manageable.
Prevent returning users from accessing old content they worked on before they left.
For example, a contract employee returns to work on a new project. You reactivate his AD account, and he suddenly has access to the old project files he worked on before.
Prerequisites
You have site collection admin permissions on your targeted site collection(s).
Note: Site collection admin permissions are required even if you have higher admin privileges like SharePoint admin or Global admin permissions. For more information, see Microsoft administrative permissions.
Tip: To manage all your site collections, you can connect to your central admin or admin center with SharePoint admin, Farm admin, or Global admin permissions.
How-To
Click Explore in the sidebar.
Select the item to update.
Select Clean orphaned users in the Quick actions menu.
From the dropdown, select All orphaned users, or Specific users to search for and select users.
Do one of the following:
Click Clean now to run the action immediately.
Click Schedule to run the action at a later time.
Click Tasks in the sidebar to see the results, including warnings and errors.
Considerations
Clean orphaned users does not remove the assigned metadata within your lists and libraries. For example, if an orphaned user is the creator of a library, their name will still appear in the Created by field after running this action.
If you use a custom authentication provider, orphaned user detection will not be available, because ShareGate Migrate must communicate with the authentication provider to determine whether a user account is still available.
Newly created external users can be temporarily flagged as orphaned users because of a short synchronization delay between Azure Active Directory and SharePoint.
If you want to clean all your orphaned users, we recommend running an Orphaned user report on your target first. The report ensures that ShareGate Migrate detects the orphaned users correctly before the Clean action runs.
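The review step recommended above can be backed by an independent cross-check. The following Python example is added here and is not ShareGate code or output: it compares claims-encoded SharePoint login names against a directory snapshot and holds back recently created external users instead of listing them for cleaning. The sample data, the `created` field, the 24-hour grace window and the function names are all assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data (not ShareGate output): principals holding permissions
# on a site, identified by SharePoint Online claims-encoded login names.
SITE_PRINCIPALS = [
    {"login": "i:0#.f|membership|alice@contoso.com", "created": "2021-03-01T09:00:00+00:00"},
    {"login": "i:0#.f|membership|Bob@Contoso.com", "created": "2020-06-15T09:00:00+00:00"},
    {"login": "i:0#.f|membership|carol_fabrikam.com#ext#@contoso.onmicrosoft.com",
     "created": "2024-05-01T11:50:00+00:00"},
    {"login": "i:0#.f|membership|dave_fabrikam.com#ext#@contoso.onmicrosoft.com",
     "created": "2022-01-10T09:00:00+00:00"},
]
# Constructed directory snapshot: accounts that still exist.
DIRECTORY_UPNS = {"alice@contoso.com"}

GRACE = timedelta(hours=24)  # assumed allowance for directory/SharePoint sync lag


def upn_from_claim(login):
    """Return the lower-cased account name from a claims-encoded login."""
    return login.rsplit("|", 1)[-1].lower()


def triage(principals, directory_upns, now, grace=GRACE):
    """Split principals missing from the directory into clean and defer lists."""
    known = {u.lower() for u in directory_upns}
    clean, defer = [], []
    for p in principals:
        upn = upn_from_claim(p["login"])
        if upn in known:
            continue  # account still exists: not orphaned
        age = now - datetime.fromisoformat(p["created"])
        # A new external user may only look orphaned until synchronization completes.
        if "#ext#" in upn and age < grace:
            defer.append(upn)
        else:
            clean.append(upn)
    return clean, defer


if __name__ == "__main__":
    now = datetime(2024, 5, 1, 12, 0, tzinfo=timezone.utc)  # fixed for repeatability
    clean, defer = triage(SITE_PRINCIPALS, DIRECTORY_UPNS, now)
    print("clean:", clean)
    print("defer:", defer)
```

Accounts in the defer list are worth re-checking after synchronization has caught up, before they are included in a Clean orphaned users run.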