This module allows you to mark any new entry for automatic deletion. The cleanup is done by the LDAP server itself. Please note that this will not remove references to the entry in other entries (e.g. group memberships).
Requirements
LDAP server with DDS (Dynamic Directory Services) support: your LDAP server needs to be configured to allow auto deletion of entries. See e.g. OpenLDAP configuration.
Your user has the right to set a deletion date. This is configured on your LDAP server via ACLs. For example, OpenLDAP requires manage rights on the attribute "entryTtl".
Restrictions
The maximum time for auto deletion is one year and six days. This restriction is imposed by the DDS standard itself. The deletion date can be extended for existing accounts, but each extension is limited to a maximum of one year and six days.
You should configure the maximum TTL value on your LDAP server, as the default is often much less than a year.
A deletion date on an existing entry cannot be removed, only extended.
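The server-side requirements above (DDS support, a raised maximum TTL, and manage rights on "entryTtl"), shown as an added OpenLDAP cn=config example that is not part of the original page. The module and database DNs, the admin DN cn=lam-admin,dc=example,dc=com and the 90-day ceiling are assumptions; replace them with the values of your directory.

```ldif
# Load the dds overlay module.
# Assumption: modules are listed in cn=module{0},cn=config.
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: dds

# Enable DDS on the database that holds the accounts and raise the
# maximum TTL. 7776000 seconds = 90 days, a constructed site policy value.
# Assumption: the database is olcDatabase={1}mdb,cn=config.
dn: olcOverlay=dds,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcDDSConfig
olcOverlay: dds
olcDDSmaxTtl: 7776000

# Least privilege: only the account used for administration gets manage
# rights on entryTtl; other authenticated users can read the remaining
# lifetime, anonymous clients see nothing.
# Assumption: cn=lam-admin,dc=example,dc=com is that account.
dn: olcDatabase={1}mdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to attrs=entryTtl
  by dn.exact="cn=lam-admin,dc=example,dc=com" manage
  by users read
  by * none
```

Apply the records with ldapmodify as an identity that is allowed to change cn=config. The `{0}` prefix places the rule ahead of the existing ACLs so that a broader rule does not match first.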
Configuration
You can add the auto delete module to any account type.
Usage
You can set a deletion time for any new account. Please note the restrictions above. If you get an error about an invalid TTL, you might have exceeded the maximum TTL.
Existing accounts cannot be marked for deletion, but you may update the deletion date on existing accounts that are already marked for deletion.
The profile editor can be used to set up a default deletion time.