Question: Active Directory -- What is a good procedure for managing expired AD accounts / files?

We have a central file share that contains files owned by nearly everyone in the company (500+ users).  We recently turned on quotas in our central file share and now notice many of the files and folders have a SID instead of an active user attached to them.

When a person leaves the company we have typically deleted their AD account after 30 days.

Question 1: How do organizations typically manage their expired AD accounts? Do they delete them or do they disable and keep them?

Question 2: Is there a good method to "reattach" ownership of these orphaned files to active users (something that doesn't involve the sysadmin)?

Answer: Active Directory -- What is a good procedure for managing expired AD accounts / files?

When we are informed of a user leaving the company we set the account to expire on that day at 17.00.

Every Friday we follow a procedure in which we permanently remove all accounts that have expired, along with their home directories.

We retain file server backups for 12 months and therefore are able to retrieve the home directories if required.

If a user returns to the company then they are assigned a new staff number and not given their original one.
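
Deleting an account, as in the weekly procedure above, is what leaves files on a share showing a bare SID as owner, as described in the question. The following report-only script is an added example, not part of the original question or answer: it lists items whose owner SID no longer resolves to an account. The share path and report file name are placeholders.

```powershell
# Added example: report items on a share whose owner SID no longer resolves.
# Report-only; no ownership or ACL is changed.
param(
    [string]$SharePath = '\\fileserver\central',    # placeholder path
    [string]$ReportCsv = '.\orphaned-owners.csv'    # placeholder output file
)

function Resolve-OwnerSid {
    param([System.Security.Principal.SecurityIdentifier]$Sid)
    try {
        $Sid.Translate([System.Security.Principal.NTAccount]).Value
    } catch [System.Security.Principal.IdentityNotMappedException] {
        $null                   # no matching account: the owner was deleted
    } catch {
        '<lookup failed>'       # e.g. no domain controller reachable; not counted as orphaned
    }
}

$cache = @{}    # SID string -> resolved name, so each SID is looked up once
$orphans = Get-ChildItem -LiteralPath $SharePath -Recurse -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        try { $acl = Get-Acl -LiteralPath $_.FullName -ErrorAction Stop }
        catch { return }        # unreadable item: skip it
        $sid = $acl.GetOwner([System.Security.Principal.SecurityIdentifier])
        if ($null -eq $sid) { return }
        $key = $sid.Value
        if (-not $cache.ContainsKey($key)) { $cache[$key] = Resolve-OwnerSid $sid }
        if ($null -eq $cache[$key]) {
            [pscustomobject]@{
                OwnerSid  = $key
                Path      = $_.FullName
                IsFolder  = $_.PSIsContainer
                SizeBytes = if ($_.PSIsContainer) { 0 } else { $_.Length }
            }
        }
    }

# Per-SID summary for deciding who should take over each set of files.
$orphans | Group-Object OwnerSid | ForEach-Object {
    [pscustomobject]@{
        OwnerSid   = $_.Name
        Items      = $_.Count
        TotalBytes = ($_.Group | Measure-Object SizeBytes -Sum).Sum
    }
} | Sort-Object TotalBytes -Descending | Format-Table -AutoSize

$orphans | Export-Csv -LiteralPath $ReportCsv -NoTypeInformation
```

Running the same scan before the weekly purge, while the expiring accounts still resolve, records which name belonged to which SID.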