The areas of maintenance for a remote access VPN solution are as follows:
Management of user accounts
Management of VPN servers
Updating of CM profiles
When a new user account is created in Active Directory and that user is allowed to create remote access VPN connections, add the new user account to the appropriate group for VPN access. For example, add the account to the Wcoast_VPNUsers security group, which is a member of the VPNUsers universal group. The network policy for VPN connections is configured to use membership in the VPNUsers group as a condition for granting access.
When user accounts are deleted in Active Directory, no additional action is necessary to prevent remote access VPN connections.