Add EDR and Offboarding docs (#217)

Misha Bragin
2024-08-15 15:33:47 +02:00
committed by GitHub
parent ac8049ac22
commit 8ab2d6e79f
13 changed files with 161 additions and 75 deletions


@@ -0,0 +1,50 @@
# Automatically Offboard Team Members from NetBird
[NetBird's IdP-Sync integration](https://docs.netbird.io/how-to/idp-sync) simplifies offboarding team members, enhancing
security and efficiency. With this integration, you can automatically revoke access when users leave the company, when
temporary access for a freelancer ends after project completion, or when a seasonal employee's contract concludes.
Likewise, you can use this integration to restrict access to specific resources or environments when a project finishes.
For instance, you can limit network and resource access when a team member is removed from a group or when an entire group
is deleted from your Identity Provider.
## Removing Team Members
In this tutorial, we will focus on `user_01`, `user_02`, and `user_03`. From NetBird's `Users` dashboard, you can see
that `user_01` is part of the `IT Administrators` group, while `user_02` and `user_03` belong to the `Staging` group.
![NetBird Users](/docs-static/img/how-to-guides/auto-offboard-users/GT3eAeU.png)
To get started, access your Identity Provider (IdP) dashboard. For this example, well use [Microsoft Entra ID (Azure AD)](https://docs.netbird.io/how-to/microsoft-entra-id-sync).
Next, locate the user you want to offboard in your IdP's user management section. Lets say you want to revoke access to
`user_01`, in that case, you will need to select it and click the `Delete` button as shown below.
![IdP Delete User](/docs-static/img/how-to-guides/auto-offboard-users/TJWLvXL.png)
After deletion, click the `Refresh` button to confirm that the user is no longer active.
![IdP Confirm Deletion](/docs-static/img/how-to-guides/auto-offboard-users/LJ6QHRV.png)
Wait for the NetBird integration to complete its next synchronization cycle, which usually takes 300 seconds. Alternatively, go to the `Integrations` screen in the NetBird admin console and click the corresponding integration button to manually trigger the synchronization.
![NetBird Integrations Force Sync](/docs-static/img/how-to-guides/auto-offboard-users/ogiiUeT.png)
Now, go to NetBird's `Users` dashboard to verify that the user is no longer listed.
![NetBird Users Verification](/docs-static/img/how-to-guides/auto-offboard-users/MQ2yh6B.png)
## Revoking Group Access
Imagine a scenario where you have an access policy that grants all members of the `Staging` group access to resources in the `Servers` group.
![NetBird Access Control](/docs-static/img/how-to-guides/auto-offboard-users/sATMbbP.png)
Let's say the current project is finished, and you no longer want members of the `Staging` group to have access to the
`Servers` group. One way to do this is to remove the `Staging` group from your IdP.
![IdP Delete Group](/docs-static/img/how-to-guides/auto-offboard-users/TOZjFKC.png)
Once the changes synchronize in NetBird, users and their group memberships will be updated; therefore,
[network access associated with that group](https://docs.netbird.io/how-to/manage-network-access) will automatically be revoked.
![NetBird No Group](/docs-static/img/how-to-guides/auto-offboard-users/NKabmN6.png)
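Review bot: In "Removing Team Members", the sync step ("which usually takes 300 seconds") does not say whether the deleted user still has network access until that cycle runs, or whether the user's peers are removed together with the user entry. For an offboarding guide that window is what a reader most needs spelled out, so I would state the behaviour explicitly and present the manual trigger on the `Integrations` screen as the recommended path for urgent removals rather than as an alternative. The verification there only checks the `Users` dashboard, and "Revoking Group Access" has no verification step at all: add one that confirms the `Staging` to `Servers` policy no longer applies after the sync. The introduction also mentions removing a team member from a group, but the walkthrough only shows deleting the whole `Staging` group from the IdP; a sentence on the narrower option would help readers who want to keep the group. Minor wording: "well use" should be "we'll use", "Lets say" should be "Let's say", and "revoke access to `user_01`, in that case, you will need to select it" is a comma splice that reads better as two sentences.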