Jenzabar using the JICS authentication plugin
https://moodle.org/plugins/?q=JICS%20type:auth
shows none.
SAML2 ... this one?
https://moodle.org/plugins/auth_saml2
"...all of our users."
except those that admin the moodle.
Suggest cloning production server using JICS auth ... same version of Moodle to a sandbox server.
Install your SAML2 ... both JICS and SAML2 would be active.
Get one user (not an admin and not a teacher) in this cloned system using SAML2
Then check out your mdl_user table.
What you will find? ... users you want to keep have a unique ID number ... 1st column in the mdl_user table. That ID number ID's the user throughout the system.
Differences in JCIS and SAML2 accounts need to be explored.
Moodle minimal: firstname,lastname,username,email
password if account is manual. Other auth password comes from remote auth server and might not be copied to mdl_user table. username might be email address.
Your mdl_user table might have many 'expired' accounts which can't be seen in Moodle Admin UX ...
Example:
id username firstname lastname email
10369 harry.potter@stu.hogwarts.thecloud.org.1486669051 Harry Potter a79ada312ca0775b7e79b1c428ff56ac
Note that harry.potter@stu.hogwarts.thecloud.org.1486669051 is the username ... which is normally harry.potter on the system username has been changed to email address with epoch time stamp of when account 'expired', emall address is a hash.
Your system might have something similar! :|
'SoS', Ken