• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 119
  • Last Modified:

Can you make it so Active Directory cannot reuse a username even if the username has been deleted?

Hello. Is there a way to force Active Directory to not let you use a username of a previously deleted account? For instance if Jane Smith's username is jsmith and leaves the company and we delete her account I would like to make it so that AD will not let me use jsmith for a new hire James Smith. Is this possible?
0
Don Harvey
Asked:
Don Harvey
  • 2
  • 2
  • 2
1 Solution
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
No way I've ever heard of.  Could you explain why you want this?  Perhaps we can offer a solution then?
0
 
JesterTooCommented:
Rather than delete the account, why don't ypou just disable it?  That would accomplish what you want and also preserve some history of the former user.
0
 
Don HarveyAuthor Commented:
Our organization is migrating from Exchange to Gmail. Because of regulations we have to keep all emails for a long time. Limitations to Google's ediscovery is forcing us to keep the Gmail accounts for ever (or until they enhance the product).

Another though is when we delete an account can we create a contact (or other type of object) with the old user name and would that keep us from using it? My hunch is no.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Don HarveyAuthor Commented:
The disable thing may be our best options but because of IRS regulations and audits we would have to create a locked down OU. They request that accounts where no one has logged into them for 60 days or more get deleted. So we would have to prove the security to the IRS in our next audit.
0
 
JesterTooCommented:
Perhaps you could check with the legal department to see if disabled would suffice.  It seems to offer more protection, and historical benefit, than simply deleting the user account regardless of what OU it is contained in.  Just my opinion :)
1
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
Are you sure Google is the best solution for you at this time? It seems to be creating problems for you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 2
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now