Group membership retained when an account is deactivated
We have scenarios where user accounts are suspended for a period of time e.g while a person is on extended leave. The business process is to disable the account in Active Directory which in turn deactivates the account in our SSO provider which also sets the account as Inactive in Box.
When the account is reactivated the person retains access to all the folders they were collaborating in but they lose membership to all Box groups and need to be re-added
We've also had incidents where accounts have mistakenly been deactivated resulting in the same issue
Generally we prefer to use Push Groups from AD and SSO where membership can be retained. However this isn't always practical. We have a large number of directories connected to SSO and often need group memberships spanning multiple directories and it's easier to manage these groups directly within Box.
It would be good to have the option to retain group membership when an account is set as inactive in Box and only removed when the account is deleted