Nextcloud: what to do when a user is deleted to keep the data
The availability of data for team members in your Nextcloud instance when an account is completely deleted depends on several factors.
Let's see together what happens in these different situations and the solutions adapted for each case.
- Case 1: Files created by the user, and never shared with other users, are completely deleted from Nextcloud with the user account.
- Case 2: Files created by the user, which have been shared with other users, are also no longer available to other users when the account is deleted.
- Case 3: files created by the user, shared with other users and already modified by them: the user who created the file also owns the data here - and therefore these files, including all modifications, are deleted when the original user account is deleted.
- Case 4: files created by the user, but which are stored in a folder created by another user and shared with others: here the origin of the folder determines what happens - if someone else created it (and shared it with the account to be deleted), the files remain available.
- Case 5: user-created files stored in a group folder (application Group Folders): a group folder has been created by someone else (the system administrator) and therefore the files created here remain available unless explicitly deleted, regardless of who created or edited the files. This is the whole point of Group Folders.
So what if a colleague leaves the team?
I don't bother an admin" solution to avoid data loss: a person with whom the files have been shared can download them and then upload them again (like their own files). This is certainly an unorthodox solution, but it works.
Of course, system administrators have a way to ensure that no data will be deleted when an account is deleted: the transfer of ownership feature can transfer ownership of all data from a user whose account is to be deleted to another account. In the case of Cloudeezy, this request must be made to technical support, specifying which user to transfer ownership of the data to BEFORE it is deleted from the interface, since this option is done on the command line on the servers.
By transferring file ownership prior to account deletion, no files are lost. Shares are also retained. It is therefore the best solution.
If you use "Group Folders", you will still need to set up an internal operating rule that determines, when an employee leaves, that the files stored in his personal :
- are transferred to another user when he leaves, and his account is deleted.
- any file in his personal space (except GROUP FOLDERS) is deleted with his account.
We recommend that the DPO be asked about this.