Solved

Can you make it so Active Directory cannot reuse a username even if the username has been deleted?

Posted on 2016-12-01
6
12 Views
Last Modified: 2016-12-01
Hello. Is there a way to force Active Directory to not let you use a username of a previously deleted account? For instance if Jane Smith's username is jsmith and leaves the company and we delete her account I would like to make it so that AD will not let me use jsmith for a new hire James Smith. Is this possible?
0
Comment
Question by:Don Harvey
  • 2
  • 2
  • 2
6 Comments
 
LVL 95

Expert Comment

by:Lee W, MVP
Comment Utility
No way I've ever heard of.  Could you explain why you want this?  Perhaps we can offer a solution then?
0
 
LVL 20

Expert Comment

by:JesterToo
Comment Utility
Rather than delete the account, why don't ypou just disable it?  That would accomplish what you want and also preserve some history of the former user.
0
 

Author Comment

by:Don Harvey
Comment Utility
Our organization is migrating from Exchange to Gmail. Because of regulations we have to keep all emails for a long time. Limitations to Google's ediscovery is forcing us to keep the Gmail accounts for ever (or until they enhance the product).

Another though is when we delete an account can we create a contact (or other type of object) with the old user name and would that keep us from using it? My hunch is no.
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 

Author Comment

by:Don Harvey
Comment Utility
The disable thing may be our best options but because of IRS regulations and audits we would have to create a locked down OU. They request that accounts where no one has logged into them for 60 days or more get deleted. So we would have to prove the security to the IRS in our next audit.
0
 
LVL 20

Accepted Solution

by:
JesterToo earned 500 total points
Comment Utility
Perhaps you could check with the legal department to see if disabled would suffice.  It seems to offer more protection, and historical benefit, than simply deleting the user account regardless of what OU it is contained in.  Just my opinion :)
1
 
LVL 95

Expert Comment

by:Lee W, MVP
Comment Utility
Are you sure Google is the best solution for you at this time? It seems to be creating problems for you.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

There are two modes of restricted groups GPOs. Replacing mode:   Additive mode:   How do they work? Replacing mode: Everything (users, groups, computers) that is member of the local administrators group will be cleared out. After th…
Starting in Windows Server 2008, Microsoft introduced the Group Policy Central Store. This automatically replicating location allows IT administrators to have the latest and greatest Group Policy (GP) configuration settings available. Let’s expl…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now