I'm having some challenges managing my users for PhishThreat. Since PhishThreat syncs users that are in the Disabled Users group (as far as I know it's best practices to disable rather than delete users) my numbers aren't accurate. Using AD sync I'm wasting licenses on users that don't work here any more. I was also told by support that during setup you're able to choose which groups are synced from but now that setup is complete I can't make any changes.
So how do you all make sure you're only including active mailboxes in your PhishThreat campaigns?
There are LDAP filters you can use while syncing with AD sync utility to make this work.
You can delete the manually created users from a Sophos central dashboard if they are already there via AD sync.
Here is the link where you can check for these details
I gotta ask, why do you have users still in LDAP that do not work there anymore?