Office 365 for IT Pros

How Stream Handles Deleted Users

Advertisements

Stream administration includes an option to Manage delete users (Figure 1).

Figure 1: Manage deleted users in Stream admin

The idea is that if someone’s account is removed from an Office 365 tenant, you should be able to remove any reference to that person in Stream (names of video owners, comments, etc.) and replace it something like “Former Colleague.” You don’t have to do this for deleted users – it’s really just to make it clear to other people that the person who made a contribution to Stream is no longer available and cannot be contacted.

How Azure Active Directory Accounts are Deleted

When an Azure AD account is deleted, it enters a soft-deleted state in the Azure AD recycle bin which allows the account to be recovered if necessary. This state lasts for 30 days. After this, Azure AD hard-deletes the account and it becomes irrecoverable.

When you look at the Stream option, it’s natural to assume that Stream will search for soft-deleted Azure AD accounts, much like the Deleted users option works in the Microsoft 365 admin center. But it doesn’t. Instead, Stream only allows you to select a deleted user after Azure AD has permanently removed its account.

Why Stream Waits

There’s a certain logic here. Stream doesn’t want you to remove references to users when the possibility still exists that an admin might recover the account. If that happens, you want the references to the account to be intact in Stream, and this is why Stream waits until an account is finally gone before allowing an admin to manage the account. It doesn’t seem to make a difference if you accelerate the removal of a soft-deleted user object by hard-deleting it with PowerShell.

I’m not sure that Manage deleted users is a good name for the option. Manage implies that you can do more with deleted accounts than is possible. All Stream does is an edit pass through its store to replace any reference to a deleted user with a string supplied by an admin (Figure 2). You’ll do this in a state of imperfect knowledge because there’s no way to get a list of videos owned by a deleted user beforehand or know what comments they made or the comments where they’re referenced.

Figure 2: Reference to a deleted user as replaced in Stream

I’m sure the way Stream works is frustrating to some. It would be better if Stream showed a list of soft-deleted Azure AD accounts with their deleted date so that people would know why they can’t select an account. It would also be nice if Stream checked if an account had been hard-deleted from the Azure AD recycle bin to allow tenants to accelerate the process. But you can’t have everything and the feature works, even if it follows its own logic.