DNN Forums

Ask questions about your website to get help learning DNN and help resolve issues.
Prev
Next

Anonymizing users

Forums > Administration and Configuration
Sort:
You are not authorized to post a reply.





EPT

Growing Member



Posts:71
Growing Member




2/21/2020 3:31 AM

    We have to do testing on DNN sites regularly, eg. for upgrading, modules updates etc.

    Our normal way of working is to make a back-up of the production site, restore it on a test server, changing portal alias, DB etc.in de web.config and start testing.

    What we would like to do as well, is anonymizing the users in the standard user table(s). 

    Does anyone have an SQL script or procedure to do so? And are you willing to share that script?






    Michael Tobisch

    Veteran Member



    Posts:1124
    Veteran Member




    2/21/2020 4:50 AM
      Ernst Peter,

      I would also be interested in that - maybe I play around a bit to do it, but could we talk about the actual requirements? Is anonymizing enough, or do we need a mechanism for pseudonymization as well? Shall the user names be kept, so only firstname, lastname and displayname are overwritten? What about the profiles? Role memberships? Or would you like something more flexible, eg. time-based bulk anonymizations (e.g. all users that haven't logged into a portal for the last 10 years)?

      Happy DNNing!
      Michael

      Michael Tobisch
      DNN★MVP

      dnnWerk Austria
      DNN Connect





      Timo Breumelhof (40F)

      Veteran Member



      Posts:1094
      Veteran Member




      2/21/2020 4:54 AM

        Maybe Ask Peter donker about the code he added for GDPR, I'm not 100% sure but I think there's code to anonimize users for GDPR in the framework.

        40FINGERS Web Solutions · Style Helper · DDR Menu Demo Skins · SEO Redirect





        Peter Donker

        New Around Here



        Posts:11
        New Around Here




        2/21/2020 6:36 AM
          As of today this has not (yet) been implemented. I wanted to do this, but it is more tricky than it appears. The biggest stumbling block is the multi portal situation. Let's assume a user is a member of two portals on DNN and wishes to be removed/anonymized from one portal. There are some details of users that are stored centrally (email, username) in Users and aspnet_Users. The profile props are bound to a portal, so they pose no problem. It's the central data that is the issue.

          What do you think should happen?

          Peter





          EPT

          Growing Member



          Posts:71
          Growing Member




          2/21/2020 6:39 AM

            We can try to solve the whole world in one giant leap forward, but that was not my intention.
            I just want a small step at the time: anonymizing a local copy of a complete site.






            Peter Donker

            New Around Here



            Posts:11
            New Around Here




            2/21/2020 6:42 AM
              Sure. Me, too. So what do you propose to avoid the situation described above? Disable on multi portal sites?





              EPT

              Growing Member



              Posts:71
              Growing Member




              2/21/2020 7:03 AM

                Just randomize, so name & email adddress is randomized for all portals.






                Mandeep Singh

                Growing Member



                Posts:77
                Growing Member




                2/21/2020 10:34 AM

                  Here's a simple query I use:

                  --Remove Email Addresses from Users Table
                  Update Users
                  Set Email = convert(nvarchar(255),UserID) + '@test.com'

                  You could do the same for other fields.

                  Sincerely,
                  Mandeep Singh

                  CEO & Founder | Mandeeps.com
                  CEO & Founder | Vanjaro
                  You are not authorized to post a reply.

                  These Forums are dedicated to the discussion of DNN Platform.

                  For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

                  1. If you have (suspected) security issues, please DO NOT post them in the forums but instead follow the official DNN security policy
                  2. No Advertising. This includes the promotion of commercial and non-commercial products or services which are not directly related to DNN.
                  3. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
                  4. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
                  5. No Flaming or Trolling.
                  6. No Profanity, Racism, or Prejudice.
                  7. Site Moderators have the final word on approving / removing a thread or post or comment.
                  8. English language posting only, please.

                  Would you like to help us?

                  Awesome! Simply post in the forums using the link below and we'll get you started.

                  Get Involved