Remove Disconnected Account Lists and Clients

As machines are removed from the network or as lists are no longer serviced, you will need to remove their data from Privileged Identity. In this section, we discuss the removal and cleanup process.

Remove Clients from Lists

A user with all-access permissions can remove a client from any list. Additionally, a delegated user with write permission to a list can remove a client from their permitted lists.

Removing a client from the list deletes all server-side information associated with that endpoint, including:

  • Machine information (based on machine ID)
  • Machine secret
  • Policy information for that machine
  • Log information for that machine

 

If the endpoint software is still running, the client is recreated and added to the list the next time the endpoint synchronizes with the server. If you intend to remove a client permanently, you must first remove the endpoint software from the machine.

Remove a Client through the Web Application

Passwords > Disconnected Accounts

  1. Log in to the web application as a user with appropriate permissions.
  2. Go to Passwords > Disconnected Accounts. You will see any lists you may access.

 

Disconnected Account Management - Enrolled Systems

  3. Click a list name to view its enrolled systems.
  4. Click the Delete button (red X) for each client you wish to remove.
  5. You will be prompted to confirm that you want to delete the client.

 

Remove Lists

A user with all-access permissions can remove a list entirely. Deleting a list deletes all server-side information associated with the list, including:

  • List information (based on list ID)
  • Machines associated with the list
    • Machine information (based on machine ID)
    • Machine secret
  • Password policy information
  • List permissions
  • All database logs for the list

    Text log files created by the server are not deleted as part of this operation.

 

If the endpoint software is still running on machines associated with the deleted list, and if the server is configured to allow endpoints to automatically create new lists, then the list will be recreated the next time an associated endpoint synchronizes with the server. However, existing permissions and logs, as well as all other endpoint registrations, will not be recreated.

Remove a List from the Web Application

Passwords > Disconnected Accounts

  1. Log in to the web application as a user with appropriate permissions.
  2. Go to Passwords > Disconnected Accounts.
  3. Click the Delete button (red X) for each list you wish to remove.
  4. You will be prompted to confirm that you want to delete the list.