PROCEDURE WI for offboarding a kpe employee.

Phase 1: Steps 1-12

Phase 2: Steps 13-17

REQUIREMENTS

• This process must be intiated/authorized by the kpe Client POC(s) and include the Employee Offboarding Form (reference KB00002470 [retired])

• M365 Admin Console Access: PWS > Domain\Service Accounts > M365 Admin Account

• SMS MFA PHASE 1 STEPS

1. Open & review Employee Offboarding Form
2. Log into the M365 portal
3. Find the user account being terminated
4. Click Reset password
5. Generate random secure credentials
6. Click Block Sign in
7. Click Sign out of all sessions
9. On the left-hand side of the page, navigate to the Azure Portal.
11.  From the Azure portal, go to the Users tab on the left-hand side, then search and select the terminated User.
13.  From the User’s page, select Authentication Methods on the left-hand side. Verify all contact information is removed and recorded in the offboarding ticket.
15. Select the 3 dots at the top, then select Revoke MFA Sessions. Hit Save once complete.
17. Navigate to the Groups tab on the left-hand side. Then check all groups (record them all in the ticket) and Remove Memberships. Close out of the Azure portal once complete. (All Users should be the only one that will not remove)
19. Check the Off-boarding Form for the following actions:
20. If Archive Users Mailbox is checked. Convert the user’s mailbox to shared mailbox
21. If Forward emails is checked. Forward emails to the designated person
22. If Auto-reply is checked. Please set the standard reply below:
23. (Text for Auto Reply)
24. PHASE 2 STEPS:
25. Check the Off-boarding Form for the following actions:
26. If backup of local users’ data is checked. Ensure the following folder is created (Screenshot further below for example): Sharepoint > Terminated Users > Documents > [First Last] > Local Data
27. IMPORTANT: Verify if Onedrive is enabled and fully synced!
28. Move all non-synced data from local computer to location provided above (eg Downloads, Pictures, C:\ and D:\)
29. IMPORTANT**:** Take screenshots and post in public notes of the ticket! Recommend Treesize to show size and make sure Sharepoint shows similarly.
30. If backup of one-drive data is checked. Ensure the following folder is created (Screenshot further below for example): Sharepoint > Terminated Users > Documents > [First Last] > Onedrive
31. IMPORTANT: Verify if Onedrive is enabled and fully synced!
32. Use move command via M365 Admin Center to location provided above for Onedrive.
33. IMPORTANT: Take screenshots and post in public notes of the ticket!
34. If grant access to termed employee data is checked. Grant the requested access to the end-user.
35. IMPORTANT DATA SANITIZATION INFORMATION:
36. If DO NOT delete local user data is checked, DO NOT delete any data off the local computer
37. Otherwise, delete all local user data once data transfer steps have been confirmed complete. This allows the device to be reassigned and re-used later.
38. Remove license from account
39. Send ticket to procurement to remove the license from the portal.
40. IMPORTANT
41. Assigned ticket to vITM for removal of PII Protect account! DO NOT close the ticket.

REFERENCES

• See attached offboarding form for KPE that the client uses