Lansweeper wrote:
Disabled domain accounts aren't actually scanned at the moment, so it wouldn't make sense to store the account status in the database. A disabled domain account can only be present in your database if it was enabled at some point. If you submit a new OU for Domain User Scanning and that OU contains users that are disabled, those users will not be scanned.
Scanning disabled domain accounts and storing the account status are features currently on our customer wish list, but we do not have a release date for them.
Thanks for the additional clarification.
Unfortunately for me, the accounts that are showing up as inactive were previously active and thus were previously scanned.
Our SOP calls for disabling rather than deleting old user accounts (which is fairly typical SOP, since deleting users deletes their previously granted access to storage locations, etc., while disabling them doesn't do that, so they can be brought back if an employee comes back, or they can be easily examined to determine groups they were members of so others can added to the same group, or they can be cloned, etc....) so we will likely always wind up with disabled users being created from previously enabled users.
We could delete the users (and break SOP) or we could instead just ignore the report which we'd rather not do. For now it seems we will need to manually filter the report.
On a related note, when we automate reports like this one and automatically mail them to appropriate parties, it looks like the reports are all or nothing in terms of mailing on a scheduled basis. It would be nice if we could send different reports on different schedules which would make this report a bit more useful or at least less annoying in its deficiencies
😉