We're currently using Meraki cloud for our VPN authentication, which means that all our VPN users are listed in "User management" for each network in our organization.
We also have a number of Organization admins with various levels of privileges. I discovered the hard way that if I remove all of an administrator's privileges, Meraki will prompt that the user account will be deleted as a result. After that action, the user's VPN credentials are no longer in the directory.
Is there a way to demote an account from an administrator to a standard "guest" account, so I don't have to recreate the account and reset the VPN password?
I'm not aware of a way to demote an administrator account to a guest user without deleting it and re-adding.
When adding users that only need VPN access you normally put them under:
Yes, we routinely do that.
But all our Admins are also VPN users (they're a subset of the Network Wide/Users). Meraki automatically deletes an admin account which has no privileges. Which removes the entry from the Network Wide/Users list.
I assume this is the same database, since when you view the users in the Network Wide/Users list, they're shown as "Administrators".
How about creating a dummy network called "no-privileges", that contains nothing, and only giving them access to that?