Solved

What do you guys do with Windows AD old user accounts?

Posted on 2008-06-19
7
252 Views
Last Modified: 2013-12-02
this is a dumb question. we are running Active Directory of course. there are many old accounts (windows and Exchange) from employees who have left long time ago.

do you guys just delete them or just disable them? I have many complaints on seeing these users in GAL or groups.

what do you guys do?
0
Comment
Question by:PaperTiger
7 Comments
 
LVL 17

Accepted Solution

by:
Andres Perales earned 35 total points
ID: 21825954
We disable account for 90 days, reset the password to an administrative password for those accounts, hide account from the GAL so that they do not show up and annoy people.

After 90 days we delete the account, the mail box will stay in exhange another 15 days then automatically purges.
0
 
LVL 26

Assisted Solution

by:MidnightOne
MidnightOne earned 30 total points
ID: 21825957
I disable the user account, reset the password and hide the user from the address book. After 90 days, the account can be deleted permanently.
0
 
LVL 58

Assisted Solution

by:tigermatt
tigermatt earned 30 total points
ID: 21826108
We usually keep them for between 90 and 180 days. During this time, another user will be delegated the respnsibility of checking the Exchange mailbox of this account to deal with any incoming mail. Of course, during this time, anyone important who is going to make contact will already have done so, and received the new contact information. This also allows the user to retrieve important mail from the user's mailbox and their Documents folder.

After this time, we completely delete the account, files and mailbox from the system, although if it was a very important user, their information is usually archived (PST file for Exchange mailbox) before they are deleted, just in case there was important financial information or something else present in there!

-tigermatt
0
Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

 
LVL 2

Assisted Solution

by:thor_08
thor_08 earned 30 total points
ID: 21826110
Hello Paper Tiger, it's best to disable the account immediately and reset the password to a password Standard, hide the user to the GAL. That way we avoid the user access to resources and mantém the user's mailbox when someone needed E-mails from that account.
After a few weeks, you can eliminate.
If there is enough movement of the user accounts of active driectory, you can use a script to automatically removes
Greetings
0
 
LVL 8

Author Comment

by:PaperTiger
ID: 21826270
so, deleting is perfectly fine?
0
 
LVL 17

Expert Comment

by:Andres Perales
ID: 21826289
There is nothing wrong with deleting...we just keep for administrative purposes is all...if you know the user is gone, then you should delete the account, if no one needs access to their mail, that can go away too...
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21826345
>>> "so, deleting is perfectly fine?"

Yes - you can safely delete them. They shouldn't have any custom services or applications running on them, so in theory nothing is relying upon them and they can therefore be removed.

It's just good to keep the mail and files present for a while and get someone in the old user's department to check over these - just in case that one important file is hidden away somewhere!
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
accessing the windows\csc folder 5 142
Linux Real Time Memory on Distinct 24 Cycle 7 42
server crashed 2 59
Changing logon server question 5 63
The question has been asked on multiple occasions as to how best to do printing in a remote desktop or terminal services environment.   It seems that this particular question has plagued several people and most especially as Terminal Services, as…
My previous article  (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_4466-A-beginners-guide-to-installing-SCCM2007-on-Windows-2008-R2-Server.html)detailed one possible method to get SCCM 2007 installed an…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question