Can someone explain to my why, if they know somebody will be off for say 6 months due to an operation they will disabled their domain account in AD "for security reasons"? What security reasons are there to disable this account? What other reasons are there aside from security to disabled this account?

Hello, only security, if the password from the person is known by others nobody can logon during that time. There is no other side effect on disabling that account.Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

It could be also caused by local law. In Example in Poland user cannot log on to computer(s) while he/she is off for long time (sick/holidays) then some goverment organisation can set fine for a company in which user is working. So, this is important to disable temporairly user(s) account(s). And of course for "security" reason as Meinolf described above.Regards, Krzysztof

It could be also caused by local law. In Example in Poland user cannot log on to computer(s) while he/she is off for long time (sick/holidays) then some goverment organisation can set fine for a company in which user is working. So, this is important to disable temporairly user(s) account(s). And of course for "security" reason as Meinolf described above. Regards, Krzysztof Who could catch them out for logging in to work when off claiming to be sick? Or do you mean its the employers of the person off sick that will check if they had been trying to login? They'd need access to your data/network wouldnt they?

Hello, only security, if the password from the person is known by others nobody can logon during that time. There is no other side effect on disabling that account. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Is that really security though, if they knew the password they could have had months if not years logging in as this other user before they went off sick and the account got disabled....

In case of any control (in big companies these controls are frequent) or your former employee did announce anonymously to goverment ("work inspection"), they ask for logs to check if someone was working when he/she was sick. If so, you will pay a fine because our law doesn't allow working when you are sick or on holidays. Additionally they ask if you have implemented any mechanism which blocks unused accounts for some period of time. So, even for administrators it's good to disable accounts, because sometimes user(s) has/have remote access permission and it's unsecure to leave account(s) enabled. Good practices say: do not leave holes if you know they are holes!Regards, Krzysztof

In case of any control (in big companies these controls are frequent) or your former employee did announce anonymously to goverment ("work inspection"), they ask for logs to check if someone was working when he/she was sick. If so, you will pay a fine because our law doesn't allow working when you are sick or on holidays. Additionally they ask if you have implemented any mechanism which blocks unused accounts for some period of time. So, even for administrators it's good to disable accounts, because sometimes user(s) has/have remote access permission and it's unsecure to leave account(s) enabled. Good practices say: do not leave holes if you know they are holes! Regards, Krzysztof Be very interested if anyone knew the rules around this in the UK?

Be Forwarned, I am no lawyer and cannot provide any legal guidance towards your situations. All of you may be able to find resources in your area regarding Cyber Laws online but... Typically you just need to speak with a Cyber Crimes lawyer or law practitioner to discover the laws in your area to see what applies. They will typically be obliged to help you with some resources or provide you with some information to obtain those laws in-depth so you can follow legal compliance as well as IT Compliance. Google Search: "UK" Cyber Laws or "UK" Information Security Laws for System Administrators. I found some resource here: http://www.jisclegal.ac.uk/LegalAreas/ComputerMisuse.aspx Some of the contents in that Computer Misuse Act may apply to system administrators responsibilities... So read it anyway if you find yourself in the IT Field in the UK. Hope that helps! Best Regards,Steve Kline Microsoft Certified IT Professional: Server Administrator Microsoft Certified Technology Specialist: Active Directory, Network Infrastructure, Application Platform, Windows 7 Microsoft Certified Product Specialist & Network Product Specialist Red Hat Certified System Administrator This posting is "as is" without warranties and confers no rights.