When somebody deletes user accounts, these users will not be able to log into IT systems using domain authentication from any computer within the organization. If you delete a user account while the user is logged in, the user will lose access to email, SharePoint, SQL Server, shared folders and other systems. Therefore, it’s essential to monitor account deletions and quickly determine who deleted a user account, so you can quickly restore any improperly deleted account to minimize the risk of business disruption and system unavailability.
Netwrix Auditor for Active Directory delivers security analytics about what’s going on in Active Directory and Group Policy. It enables you to track all activity in Active Directory, including when anyone deleted a user account. It also automates reporting tasks by letting IT pros subscribe to predefined reports that are delivered via email, keeping them aware of who deleted any account, and where and when it was done. They can also generate custom reports using Interactive Search to detect and investigate suspicious activity, and save their search criteria for later use.