Currently windchill system creates new account (new record in WTUSER table) automatically on the first time user logons / is searched for using participation utility.
As soon as the user is present in the directory server and HTTP server authorizes the user, unless an active account is present, windchill creates a new one .
However the new account is created even there had been already a historical account with the same name that was once deleted.
The only way how to prevent the behavior is to re-enable the user account using the wt.org.EnableDisabledUsers utility in the windchill before adding it to the directory server. However when a windchill administrator does not have access to the directory server (e.g do not have access to the enterprise LDAP), often there is no way how to ensure that the user is re-enabled before being added to the directory server.
This then leads to an actual unique human user having two records in the system and it affects the products team information page: Such account is then listed twice, once with suffix "(deleted)" and as well this presents problem for the reporting and audit trail history.
The idea is about letting the windchill system administrator to prevent this from happening. The current behavior: automatic creation of new users that have never been created on the system on first logon would stay in place. The implementation can be as simple as allowing this to be controlled via configuring some wt property. This would affect only the scenario when the username already exists in windchill system but it is currently disabled (deleted).