We've got an SIS integration which works great but every-so-often there's a need to manually create an account for some exception or another. I had what I thought was the brilliant (and humble!) idea to throw my initials and date into the SIS ID field when creating users, so we had some hope of tracking down the reasoning behind a particular oddball account years down the line. (I could just have easily thrown the ticket ID for our case system in.)

It seems that Canvas won't let these users change their password through self-service (via the "Forgot Password" link on the /login/canvas page that they use). They're reporting that they get a message that their account is controlled by the institution and they should use our main password-change procedure (which they shouldn't).

Clearing the SIS ID field got the password-change process working for them.

How are others handling the creation of these kinds of one-off accounts? Do you just keep track of "who got what for which reason?" in a giant spreadsheet somewhere, or do it all within your trouble-ticket system, or am I missing a field in Canvas that I'm not thinking of that could be used creatively for this purpose, etc.?