From: Lumb, Andy
Sent: January-15-13 5:16 PM
To: Cox, Rosalind
Cc: Deeb, Shaun
Subject: Amec account deletion / re-use policies
I have a few quick questions about AMEC’s policy on account deletion / reuse and was told you might be the right person to ask. If you are unable to answer these questions, could you pass this email along to someone who can?
We are writing a small application that integrates with AMEC’s Active Directory system. We are pulling data from Active Directory in regards to AMEC user’s white pages profiles. We are concerned about using the user’s UserName as a unique field.
1) Are usernames, such as ‘andy.lumb’, unique within AMEC currently?
2) Do username ever get recycled? For example after one user leaves the company and another user with the same name joins?
3) What happens to a user account when a user leaves the company?
4) How long do users stay in the ‘DisabledAccounts’ OU?
Thanks for any assistance you can lend us.
From: Cox, Rosalind
Sent: January-16-13 4:45 AM
To: Lumb, Andy
Cc: Deeb, Shaun; Garden, Jeffrey
Subject: RE: Amec account deletion / re-use policies
The best field for you to use for a unique identifier then is the objectGUID or objectSID. Usernames may not be unique as there is more than one domain being used.
Usernames do get recycled. Let’s say you leave AMEC tomorrow. We disable your account for one month and then delete it. If someone else with the same name starts after your account has been deleted then they get the same username.
Users stay in the Disabled Accounts OU generally for one month, then it is deleted.
Hopefully this answers your questions.
Global Account and Data Governance Analyst
Global Information Technology
66 Kenmount Road, Suite 204, St. John's, NL, Canada, A1B 3V7