Community
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Improved Vault Users & Groups Managment

Improved Vault Users & Groups Managment

As it currently stands it is not possible to delete users and groups within Autodesk Vault. 

 

This is a problem. I understand Autodesk's stance on that the users need to be retained for historical reasons, however the management side of things needs to be improved. 

 

For example I created a group and users that were never used. Why can't I delete them? Objects that were never used should be allowed to be deleted. Also as the database grows and users are hired and terminated, the list will grow to an unmanageable mess.

 

What has happened to me is that I am in the middle of implementing Vault for my company. When I first set it up I created users. However, since then we have switched to a Domain and have now imported the Domain users and groups to use. Now I have groups and users that have never been used that I have no way of deleting or using for anything else. 

 

I have found blogs and forum posts suggesting that users be diabled and renamed so that they are sorted appropriately. This is a hack solution at best and not a real solution to the problem. 

 

As I see it two things need to happen:

 

1. Unused users and groups need to be allowed to be deleted. 

2. There needs to be additional options and sorting methods for used users and groups that are no longer active. ie. Once they are disabled they are moved to a different list and only retained for historical purposes. 

27 Comments
ihayesjr
Community Manager
Status changed to: Accepted
Can you provide some examples of other software applications that you would consider having a really good user management interface?
Josh_Hunt
Advocate

I don't have an example from another app but I think what you have is good, it just needs some additional features.

  • Andrew's ideas above plus...
  • Filter and sort users and groups based on all properties (similar to file grid).
  • Merge Vault Account Users into Domain users
  • "Where used" for Users and Groups (so you know the impacts of change or potential group deletes).
  • (maybe this is a separate idea?) a branching tree to show the structure of users and groups. (My company has a complex group structure for folder permissions and finding mistakes is impossible)
Boorda
Advocate

I can attest to @Andrew1307 comment ..."Also as the database grows and users are hired and terminated, the list will grow to an unmanageable mess."

 

I work with a very large company that has multiple business units throughout the United States, Mexico, and Canada. We have only been using Vault for 5 years and we already have over 600 users in that list, many which are no longer employed with us.

 

As far as an example software for managing users, how does Microsoft do it with Active Directory? You may look for inspiration there...

 

 

Josh_Hunt
Advocate

@Boorda, I do not recommend Microsoft as an example user interface or anything. They do not listen to the user community because Windows is a monopoly in the business world.

Boorda
Advocate

Just to clarify, I meant only in terms of user interface, definitely not in terms of bad customer service or the lack thereof!

Josh_Hunt
Advocate

Hello @Boorda, I was referring to the user interface. Microsoft builds things and does not listen to power users. This has been a huge annoyance for a VERY LONG TIME https://en.wikipedia.org/wiki/Focus_stealing

gri4775
Advocate

I find it only good, if users, who did nothing in the Vault, could be deleted from the user list (no entries in the Vault DB!)

Boorda
Advocate

Obviously, it would be ideal from an administrative side to delete users from Vault. But I also understand that from the database side this is a nightmare due to the possibility of breaking relationships and creating orphaned items. I've even see issues where an administrator demotes a terminated domain user account, renames it, then re-promotes it only accidently to change all the version history in Vault to look like it was created by the new employee! This was done all in the name of not having to create a new user and increase the list. I'm sure everyone can see the danger in that.

 

What if we found a common ground? Administrators see what they want, database remains intact; maybe there's a way. As an administrator, my frustration doesn't come from the accounts existing, it comes from having to dig through all the old accounts to find what I need.

 

Here are some things that would make me happy as a Vault Administrator, that won’t break the data structure. These suggestions apply to both Vault Users and Vault Groups since they are very similar.

 

• A search bar in the dialog that searches all properties of a Vault User/Group and quickly filters out anything not matching the search text.

• Option to filter all Disabled accounts from the Enabled ones using the already existing “IsActive” property of the Vault User\Group. (Make this a remembered option so we don’t have to set it each time.)

• Similar to the above suggestion, move the Disabled Users/Groups to a “Disabled” TAB in the dialog when the “IsActive” property is False. (This may be the better method as you never really hide anything from the administrator.)

gri4775
Advocate
Thanks for your post.
I all agree with you.
Your Ideas are great.

Alexander.K156
Explorer

It should be possible to delete users who didn't make any file/folder changes in Vault.

Without a way to delete them the user administration effort is quite high.

For bigger companies the lack of this function makes the thin client unusable in my opinion when thinking in long terms. You would have a fast increasing user list (viewers) and would maybe need an additional software for managing mostly unused users. Finally a quite expensive solution.

YounesYammouri
Community Manager
Status changed to: Under Review
 
ChrisAtherton
Advocate

I would add deleting groups to that as well.

Alexander.K156
Explorer

I totally agree with deleting groups as well.

Kayla.M.Jones
Contributor

What about deleting users that are no longer with the company, just to clean up the list of users?

ChrisAtherton
Advocate
There is the issue that you still have the history of their data so I can understand keeping the users, that said if a user has no entries then we would want to delete them.

Groups though aren’t referenced in the files properties however I think they can’t be deleted because they are in the same table as the users in sql (could be wrong) ... this I see as an issue especially at larger complex sites with 100s of users.
michael.bauer
Observer

Das Streichen der nicht mehr benötigten Gruppen ist sinnvoll. Auch sollten nicht mehr benötigte Anwender/User die zwar wegen Referenzen und anderem Datenzusammenhängen weite in der Vault Datenbank (SQL) sein müssten eine erweitert Einstellung bekommen.

 

z.B. sollte man diese User mit einem Flag (Sichtbar, Nichtsichbar in der Benutzerverwaltung) noch versehen können, damit diese nicht mehr in der Hauptliste der Benutzerverwaltung zu finden sind, sondern in einer gesonderten Einstellung wenn nötig für Aktivirungen oder oder zu finden sind.

 

Das denke ich schafft noch eine bessere Übersichtlichkeit von der Liste - Benutzerverwaltung.

 

2018-09-13_08h03_46.png

 

 

 

 

 

ViperRT10
Contributor

My major concern is with automatically created accounts and long term maintenance.  We currently have many accounts that are read-only and are created with their domain creds (division/username), making renaming somewhat awkward.  We are in the midst of trying to clean up and do some organization of our data and it would be a major asset to be able to remove old/unused/redundant accounts and allow these read-only users to establish fresh creds (if they are even still with the company) on their next login.

 

I truly see and agree with the logic of once a user has even a single record to their name we lose the delete ability but would love to see at least an option of removing reference accounts.  To carry it even a step further to allow the removal of any accounts but the history gets reassigned to a system user (division/UserRemovedByAdmin).  Technically these records still have the true user name they were created by in the CAD file but the Vault maintenance becomes much easier and adaptive to long term changes.

Boorda
Advocate

@ViperRT10  careful about renaming Vault users as I have seen admins in the past try to rename and reuse accounts only to find out that they rewrote history in Vault. In other words the anything the old user had done in Vault now shows as the new user had done it.

 

If you want to repurpose user account for the same person, such as a domain change in the company, then you can demote the user to a Vault account, then repromote to the new domain account.

 

If you have a large number of read-only users who constantly change, such as Vault Thin Client users from the shop floor then try creating an Active Directory group and manage the users there. You can then import the AD group into Vault and not create user accounts for each. 😉

 

 

hej.simon
Explorer

@Boorda Could you confirm that the history will change when you change a user name. For example vault file property “Created by:” I my case thats exactly what I want. I dont want to reuse old user names for new users, I just want to change the user name for some of our existing users. (business organization reasons)

Boorda
Advocate
Yes, changing the name of a Vault user account will change the name in
history. The reason is because when Vault pulls the info from SQL its
really looking at the UserId and not the name itself. You'll have to demote
any AD linked accounts to reman in Vault. If its an AD linked account I
think you could get the same result by renaming the actual AD account.

-Addam

Can't find what you're looking for? Ask the community or share your knowledge.

Submit Idea  

Autodesk Design & Make Report