Why exactly are you trying to do this? It is a bit concerning that you dont have access to delete users but are talking about disabling them.
You also ask about adding users which you should know how to do if you are doing stuff like this. But want to add the type of user (AD) that you say you want to disable; and are now talking about cluster service users.....
Be very careful you know what you are doing and have authorisation otherwise your future might not be so rosey.
What exactly do you want to accomplish and why?
my interpretation is that his/her question is clumsy formulated and he/she wants to know if it is possible to keep a sql server in a windows cluster environment clean from windows system administrators and keep it for dba's "only". i'll read the proposed solution link later but the issue i had (and perhaps is solved in the ms article) is that the health check needs in the standard setup sysadmin rights. and the health check is done with an account to which system administrators have access.
I understand that for what ever reason he/she wants to keep other AD users out but what i dont get is why? This person obviously isnt the main dba as they dont have delete rights and so why are they doing this?
We (the dba's) dont own our boxes, we are responsible for them yes , but we cant lock out other IT admins (though it is tempting).
My point was, why is a junior dba undertaking a task which could have serious repercussions on a production server.
Be Nice, Or Leave