At what point do you consider an account dormant and disable it? What are you using to determine if an account is not being used?
In AAD and AD, we check for last logged in. If >90 days, we disable the account. If after 90 days no one claims it, we move the account into OU=Disabled. After 366 days in OU=Disabled, we purge it.
In AAD and AD, we check for last logged in. If >90 days, we disable the account. If after 90 days no one claims it, we move the account into OU=Disabled. After 366 days in OU=Disabled, we purge it.
Agreed. We take the same approach.