Environment: SharePoint Server 2010, Project Server 2010, SP2, DEC 2013 CU (Farm Build number: 14.0.7113.5001)
Scenario:
- Domain user has been added to the Active Directory group being synchronized with Project Server for the Team Members group.
- That user has participated as a team member in numerous projects, added documents, been assigned tasks, typical project stuff...
- Employee quits.
- AD account is deleted. (NOT deactivated or moved into another OU)
- Time passes...
- Employee gets rehired. NEW AD account is set up: same display name, SamAccountName, email address, different GUID of course.
- Daily Active Directory job runs again and throws event ID 7734 and the sync ends with a partial fail.
I understand why this is happening. Solutions I've found point me to deleting the Enterprise Object resource in Project Server and then rerunning the sync. Sure, this works BUT won't all of the previous documents, tasks, etc. be disassociated from that user? If so, this is not ideal.
2 questions:
- Is there a better way to deal with the fixing of the resource in Project Server to somehow link the old resource to the new resource allowing the sync to run successfully while still leaving the association to all old content intact?
- How are other organizations dealing with rehires when they have been added as resources in Project Server? What is the best practice guidance from Microsoft on this? Are other companies not actually deleting AD accounts when users leave organizations or are they putting them into a "ARCHIVE" OU or something like that? This happens at least half a dozen times a year at my company. We would like to keep our AD as clean as possible, but this appears to change our approach.
Any suggestion/guidance is appreciated.