Our system is single sign-on and we have a requirement where we have to setup end date of users to release there licenses. How you guys are handling this scnerio when someone left organization and you need to release his/her license. I know that we have to setup the users end date and this can be done manually or is there any other wayout.
We have implemented a scheduled report that disables users who have not logged on in the past x months. This way we free lecenses also from users who are still in the organisation but for some reason no longer use PPM (eg due to a department change). For the people leaving us we set the end date manually.
The scripts first extract a list of all enabled users configured for LDAP authentication with a simple sql query. A perl script then extracts user data from LDAP for each of these users and builds a sql file to update the data in the users' records. If a user's account is disabled in LDAP, the script sets the end date field and deletes all security group records for the user. For active users, we update additional information like phone number, email address, manager's id, etc.
We use a portlet to show all users who have been inactive for X days. We have a few users who need to keep an active account even though they don't access PPM, so we use a user data field so these users are flagged in the inactive user portlet.