mirror of
https://github.com/netbirdio/docs.git
synced 2026-04-19 08:56:35 +00:00
* New Access Control and ReOrg * Enhance Access Control Documentation and Add New Resources - Updated `next.config.mjs` to include new redirects for access control documentation. - Added multiple images related to access control and endpoint detection and response. - Refactored links in various documentation files to point to the new access control structure. - Removed outdated documentation files and created new ones for managing access control and endpoint detection. - Introduced a new section for understanding posture checks and their implementation in access control. This commit aims to improve the organization and clarity of access control resources, aligning with the recent restructuring of documentation. * Remove outdated Intune MDM documentation and update links in access control resources. This commit enhances the organization of the documentation by eliminating obsolete files and ensuring all references to Microsoft Intune are correctly aligned with the new structure. * Fix typos in access control documentation for clarity and accuracy. Updated "Understnading" to "Understanding" and corrected "NerBird" to "NetBird" in relevant sections. * Fix typo in Access Control section * Fix formatting in posture checks documentation * Added a space in the Posture Checks reference for clarity.
50 lines
3.1 KiB
Plaintext
50 lines
3.1 KiB
Plaintext
# Automatically Offboard Team Members from NetBird
|
||
|
||
[NetBird's IdP-Sync integration](https://docs.netbird.io/how-to/idp-sync) simplifies offboarding team members, enhancing
|
||
security and efficiency. With this integration, you can automatically revoke access when users leave the company, when
|
||
temporary access for a freelancer ends after project completion, or when a seasonal employee's contract concludes.
|
||
Likewise, you can use this integration to restrict access to specific resources or environments when a project finishes.
|
||
For instance, you can limit network and resource access when a team member is removed from a group or when an entire group
|
||
is deleted from your Identity Provider.
|
||
|
||
## Removing Team Members
|
||
|
||
In this tutorial, we will focus on `user_01`, `user_02`, and `user_03`. From NetBird's `Users` dashboard, you can see
|
||
that `user_01` is part of the `IT Administrators` group, while `user_02` and `user_03` belong to the `Staging` group.
|
||
|
||

|
||
|
||
To get started, access your Identity Provider (IdP) dashboard. For this example, we’ll use [Microsoft Entra ID (Azure AD)](https://docs.netbird.io/how-to/microsoft-entra-id-sync).
|
||
|
||
Next, locate the user you want to offboard in your IdP's user management section. Let’s say you want to revoke access to
|
||
`user_01`, in that case, you will need to select it and click the `Delete` button as shown below.
|
||
|
||

|
||
|
||
After deletion, click the `Refresh` button to confirm that the user is no longer active.
|
||
|
||

|
||
|
||
Wait for the NetBird integration to complete its next synchronization cycle, which usually takes 300 seconds. Alternatively, go to the `Integrations` screen in the NetBird admin console and click the corresponding integration button to manually trigger the synchronization.
|
||
|
||

|
||
|
||
Now, go to NetBird's `Users` dashboard to verify that the user is no longer listed.
|
||
|
||

|
||
|
||
## Revoking Group Access
|
||
|
||
Imagine a scenario where you have an access policy that grants all members of the `Staging` group access to resources in the `Servers` group.
|
||
|
||

|
||
|
||
Let's say the current project is finished, and you no longer want members of the `Staging` group to have access to the
|
||
`Servers` group. One way to do this is to remove the `Staging` group from your IdP.
|
||
|
||

|
||
|
||
Once the changes synchronize in NetBird, users and their group memberships will be updated; therefore,
|
||
[network access associated with that group](https://docs.netbird.io/manage/access-control/manage-network-access) will automatically be revoked.
|
||
|
||
 |