Removed Users cannot rejoin Organization (after enabling Key-Connector)

So my situation is looking like this:

I installed Bitwarden on premise and configured it for SAML login via Azure. Users could log in just fine with their Microsoft login combined with the master password. After contacting support I went through with the key-connector setup and got it working with my own DB and my own (self-signed) cert stored locally on the filesystem, because I’m still waiting (since Friday) for a reply from support regarding the OS cert store solution, which I couldn’t get to work with the provided docu. Since I’m already more than two weeks into trying to get the key-connector to work as recommended, I decided to just go with my cert stored on the filesystem, which works without any problems.

So now users can log in with SSO and after login get the option to remove the master password, and this works just as expected. BUT there were some users that I was testing this feature with, and as a troubleshooting measure I removed them from the organization and invited them again. In retrospect I wouldn’t do this again as it caused the following issue:

- Users can be invited but cannot join the organization (already part of organization)
- Those users are not listed in the organization’s user list
- They are stuck in limbo, with me not being able to remove them completely

When they try to register or accept the invite they get the following error message:

User, has already been invited to this organization. Accept the invite in order to log in with SSO.

So my last resort would be to remove them directly from the database, but I would need some assistance in doing so. I suppose support is in contact with the engineering team, trying to fix existing issues with the key connector, as I was not informed that I did something wrong on my side. But I can’t wait any longer, so I’m trying my luck here in the official forums.

So the question remains: Where are those deleted users stored and how can I completely remove them so they are able to join the organization again?

EDIT: So just after typing this little wall of text I thought like “hey, let’s see what the admin url has to offer” and boom, there they are… the deleted users! How ironic… I will test again and report back.

Thanks for the EDIT, please let us know how it goes.

Yeah, I even made a 5 bucks bet with my test user that I’m pretty sure that it will work now and what can I say, I made 5 bucks :grin:

Hi,
I have exactly the same problem, but reading your post, I didn’t understand how you solved it.

BR
Marco

They are talking about the admin panel of your Bitwarden self-hosted install. More can be found in the help documentation, but this will be added to your self-hosted URL at the end such as bw.company.tld/admin

Ahhh, yes now I understood. I found it and it worked.

Thanks!!

BR
Marco

I have faced a similar issue too. There are two possible ways to fix it.
1. Use the Admin control panel to delete the account. https://bitwarden.“YOURDOMAIN”.com/admin
2. The other way is to ask the user to delete his/her account through this link: https://bitwarden.“YOURDOMAIN”.com/#/recover-delete

Cheers!

Hi, I’m trying to set up key-connector as well but having trouble getting it working. Did you ever figure out the certificate store setup? For me, even when I tried with the file system, it still doesn’t work. In the log it says “no such file” even though the file path is correct. Can you shed some light on how you got yours working? My server is a Debian OS.

Thanks.

If you don’t get an answer here, you can also contact the support team at https://bitwarden.com/contact/

Thanks, I have contacted support but they are taking their time so I figured I’ll ask the community to see if I can get a faster solution.

Thanks for confirmation, when did you submit the form? Did you get an auto reply back to confirm receipt of your issue?

I started emailing back and forth with support a few days ago.

I’m having this issue, but my instance of Bitwarden is hosted by Bitwarden.com. I do not see any documentation regarding this admin page. Are deleted users treated differently with the hosted version or is there another way to delete this stale account so I can again onboard someone that was previously removed?

Welcome to the community @Chris_Phillips! Our support team would be happy to work with you to resolve this!