This is a question about methods as much as about "How To ...", I'm interested in how other SQL Server admins tally their Server Principals that are type G or U against Active Directory.
Do you have processes that enforce a server principal deletion when an AD account is disabled/deleted?
How do you verify/audit this process?
Do you keep a server principal if you identify it has no related database principal?
Any thoughts, ideas, experience will be interesting to hear.
↧
