we have a small challenge with a client and I would like to hear your opinion on this issue. The O365 portal is connected to FNMS via the OOB adapter and provides reliable data. The customer's O365 process currently states that no users will be deleted from the O365 portal, even if they have already left the company and their status in AD or other user sources is Inactive. The background to this is that the data must be retained for a certain period of time due to internal rules, and if a user is reactivated, their O365 files should still be available. O365 Business deletes all files after removing a user after 30 more days (https://docs.microsoft.com/en-us/microsoft-365/business-video/delete-user?view=o365-worldwide). We cannot change these internal processes and they must be taken as a given.
Of course, we also import the corresponding user status from the appropriate user sources (AD, IAM, ...) and map this to the Compliance User object in FNMS (Active, Retired, Inactive, ...). The setting of the user status naturally has a direct influence on the license calculation for certain license types, since inactive users are no longer considered for user licenses, for example.
Based on the above conditions, we receive from the portal about 157,000 users assigned to corresponding licenses (products) in the O365 portal.
The view under "All Licenses" now shows us the following 157,000 users allocated, but only 153,000 users under Consumed. If we look at the table "SoftwareLicenseAllocation", we will find all 157,000 imported users from the portal for the specific license container. If you also compare the user status in the ComplianceUser table, you get about 4000 users with the status inactive, which are no longer taken into account in the compliance calculation for O365. (see tip box: https://docs.flexera.com/FlexNetManagerSuite2020R2/EN/WebHelp/index.html#topics/Allocated-LicProp.html)
As we all know, a user assigned in the O365 portal first consumes a license regardless of its status in, for example, Azure AD. The rule is: Assigned = license consumption.
Now my question to the community, do you have this challenge in your companies or clients as well, if so - how do you deal with it?
Otherwise, I would appreciate any advice on how to properly map O365 compliance in FNMS in connection with inactive FNMS users but assigned O365 portal users.
And no, we can't just reactivate the O365 users in FNMS! 🙂
Jun 14, 2021 04:49 PM
I just talked with a colleague regarding another customer. It's only 100 inactive users in one of the examples there, but they're still confused by the delta between the Azure portal and FNMS.
Jun 15, 2021 04:45 AM