OK. Finally got back to this item.   (although took me forever to find it in this "new" community because it seemed to have dropped off my watched items?!).

Anyway, things have changed slightly.   I am now deactivating SNc user records automatically via the transform map when the LDAP syncs, so the need for a "message" is no longer.   I have also discovered I dont want to automatically remove the ITIL licence as this has implications on 'active' calls that may be still assigned to that now, inactive record.

So my next option is to create a Notification that gets triggered when a user record with an ITIL licences is deactivated during the above sync or possibly an Event that creates a task for someone to action.

Now to work out the scripting

Thoughts?

Why would you actually want to do that? I don't see any reason besides housekeeping. The license count will only count active users as far as I know.

HMMM... I was of the understanding they just counted ITIL roles applied to users.   Was unaware they disregarded inactive users.   I'm sure some scripting guru would be able to get around the licence count if that was the case, ie auto deactivate an inactive account for x number of days, then reactivate the account when they log in to do work... not ethical but I'm sure possible.   Personally I think it would be good housekeeping to remove unused licences anyway.   what can I say, i like to keep the cobwebs away.

ITIL is not the only role that requires a license as such, so you would need to remove all roles for inactive users

In addition, I don't think we alert somebody prior checking their current license count. And yes, if some script guru wants, I am sure he will find a way to cheat this. Not very ethical, and probably not a customer for us going forward once we find out about it.