• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 258
  • Last Modified:

When an Active Directory account is disabled can the account still operate

Major screw up by our HR dept on a terminated employee, the employee was said to left the building but didn't, IT locked down account by disabling Active Directory account

Later we realized that the employee was logged into their workstation at the same time the AD was disabled.

Now for Domain Admins some accounts used in multiple server settings get locked out but you do not realized they are locked out until trying to make a new connection.

Question is this, if you disable or lock an AD account while the account is logged onto the network does the disable/lock out become effective only once the current session is terminated?
1 Solution
The disable account becomes effective immediately.
Access to network  and server specific resources will no longer
be available to the logged in user, however, access to resources
available to 'Everyone' will still be accessible, such as running
network programs and usually printing.

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now