Thanks Elisabeth - I would also advise to toggle the Disabled check box on the user profile as well, that makes the user profile unusable for a user profile lookup at login time.

Depending on the version of the software in question, there are multiple ways to do authentication, roughly they come down to either:

• External Authentication, so you provide your domain credentials or work accounts to a Secure Token Service. STS brands like Microsoft ADFS or PingIdentity or anyone that confirms to the OASIS standards we support.
• Internal Authentication, perhaps more the backward compatible option where you make the Content Management system responsible for the username/password authentication. Typically the flow also goes over a Secure Token Service, same standards, but we provide it with the software typically named InfoShareSTS or ISHSTS.

Once you are authenticated, then a Content Management user profile lookup will happen as that will provide the necessary Authorization to the logged in user providing UserRoles and UserGroups. Do note that if you used External Authentication, that a disabled domain account, would not never allow a user profile hit anyway.

In general we think that the user profiles are part of a historical database and true deletion is not advised. I hope this clarifies the generics, and get you going as we are missing some details in the initial question.