I posted this in Patch Management, but realized that might not have been the best forum for this post...
We have an ongoing issue with our Kaseya server. It seems that each time we apply patches (the System Log notes a "Check for hotfix run" entry among others) some user accounts (staff members) get moved to/created in myOrg. Some of these users belonged to Organizations that are no longer our clients so we have deleted their org from the system but some of them are with Orgs still with us.
QUESTION: Does the patch installation process (and any of its sub-processes) have any type of code that would search the database for "orphaned" user accounts, tickets that were assigned to users that are no longer there, or anything similar and move/re-create those users to the default myOrg?
I'd like to stop random user accounts from getting added to the default org each time we perform updates. Thanks for your help!
When an admin/technician account is deleted from the VSA, the tasks, schedules, etc. associated with that user are assigned to the individual deleting the account. The data should not be 'orphaned'.
If you have Domain Watch configured to sync with Active Directory, you may be importing the user information from your AD environment. How this is done will depend, in part, on the version of VSA you are running. This suggestion, however, does not address some of the accounts you are suggesting are being created/moved. Please open a ticket at helpdesk.kaseya.com so they can investigate the issue. Be sure to include as much information as possible, including examples of accounts that have seemed to move and, if possible, approximate date/time so Support can dig into this.
Ehm Brandy, based on personal experience, I don't think that's true.
We made a habit of keeping all old user accounts because the main beef is some old scheduled tasks get orphaned and won't run anymore. You see them in the Agent Procedure logs, but since the old user account is no longer active, they won't actually run. We've been bitten by that bug mainly on Patch Management dying while the system pretends it's still working.
The last time I involved support is a year ago, so it might have been fixed now, but I can't remember seeing anything about it. I can dig up the last support ticket I had open if that helps....
It's always possible something has changed, but the design was that data associated with an accountX is assigned to accountB (where acctB is the individual deleting acctA). If that's not the behavior you're seeing, i certainly suggest a ticket. I'll see what i can do about clarifying current intended behavior. VSA version could make a difference here if an intended change was made in the last couple of releases.
So if I'm understand you correctly, when orgZ is deleted, all accounts associated with orgZ should also be deleted??? That makes sense. However, the next time someone installs a patch/hotfix for the K2 server the logs say that the *SYSTEM* account creates a handful of accounts and assigns them to the default K2 org, myOrg. These accounts that it consistently recreates belong to orgs that we have deleted. That is what made me think that there are orphaned items sticking around and it has to recreate those accounts to un-orphan them. I'm not sure if that's what it's doing, I just know that seemingly random accounts get created and assigned to myOrg each time we perform a K2 update.
Hi Kevin Slonka
My recommendation would be to create a support ticket, they should be able to dig in and find what is moving/creating these entries.
Alternatively, if you show us exactly what is being created and possibly the log entries of how it is being created we can point you in the right direction.
I have seen similar behavior done via Discovery > Domain Watch as Kaseya Community mentioned, but at this point it's just an assumption without more information.
We don't have Domain Watch or anything else configured. Our server is completely standalone. Here is a screenshot of the log when this occurs. The users that get created used to be in our system and belonged to organizations that we have previously deleted.