Is it possible to have ssh keys no longer work if an account is disabled or deleted in Active Directory? I have tested using an ssh key and AD password but when I disable the account in AD the ssh key is still accepted. This is in LDAP only used for Authentication mode (which would be needed to manage access to multiple folders).
Well...if you do, and can't do it via LDAP roles and template user mappings, then putting the SSH keys in LDAP does nothing...
You can't have the mix here.
So you either need to go all ldap and assign VFS configs via templates, and no duplicate User Manager usernames....or keep it as it is, but you have to delete the User Manager user if you disable the ldap user.