Auto-Reconciliation of accidental/malacious account enabling in AD

Idea created by iiqbal_bchydro on Apr 18, 2016
    Not planned

    Dear Community,

    On account termination, we generally disable accounts (NOT delete) in endpoints especially AD due to different audit requirements. However, at some point in future, it is possible that someone may accidentally or intentionally enable the user account and thereby opening a security hole. In some IAM products, it is possible that IAM detects the possible change and thereby disables the account again. Is there any thought going around in product management team to include this feature in future? Also, this feature must be independent of explore and correlate because one would like to have the accounts disabled in real-time rather than wait for Explore and correlate to complete.