Event details
If you have an on-premises Active Directory environment, you do not want to miss this session! The AD product group will present and demonstrate some of the new AD capabilities coming in Windows Serv...
Char_Cheesman
Updated Dec 27, 2024
Wayne_McIntyre
Microsoft
Mar 26, 2024
The end state is that the account is disabled. In order to delete the account, you would have to update all servers that use this account to instead log on directly with the dMSA account (the same way you configure a gMSA in the Services snap-in / Task Scheduler / SQL / etc.). This is not an automated process, and we will publish the manual steps needed if you want to completely delete the original account. The benefit, at least, is that you can easily identify all machines where the account is used via the msDS-GroupMSAMembership attribute (PrincipalsAllowedToRetrieveManagedPassword in the PowerShell verbiage).
AD admins will also need to be careful with automated scripts that delete disabled/stale accounts and be sure to exclude the original service account from these automated cleanup scripts.
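The two follow-up tasks from the comment above, as an added example that is not part of the post or of Microsoft's own tooling: enumerate the principals allowed to retrieve each dMSA's password (the msDS-GroupMSAMembership attribute) to see where the superseded account is still in use, and build an exclusion list so a stale-account cleanup leaves the disabled originals alone. It assumes the RSAT ActiveDirectory module, that Get-ADServiceAccount can read the dMSA objects, and the dMSA-to-original-account mapping is constructed sample data.

```powershell
# Added example: inventory dMSA usage and protect superseded accounts from cleanup.
# Assumption: RSAT ActiveDirectory module is installed and can read dMSA objects.
Import-Module ActiveDirectory

# Constructed mapping: dMSA that replaced an account => original (now disabled) account.
$migrations = @{
    'svc-web-dmsa$' = 'svc-web'
    'svc-sql-dmsa$' = 'svc-sql'
}

function Get-DmsaUsage {
    param([string]$DmsaName)
    # PrincipalsAllowedToRetrieveManagedPassword is the PowerShell view of
    # msDS-GroupMSAMembership: every principal listed here is a place the
    # service still logs on, so it is where the original account is still in use.
    $dmsa = Get-ADServiceAccount -Identity $DmsaName `
        -Properties PrincipalsAllowedToRetrieveManagedPassword
    foreach ($dn in $dmsa.PrincipalsAllowedToRetrieveManagedPassword) {
        $principal = Get-ADObject -Identity $dn
        [pscustomobject]@{
            DMSA      = $DmsaName
            Principal = $principal.Name
            # 'computer' for a host, 'group' if membership was granted via a group
            # (expand the group with Get-ADGroupMember to reach the hosts).
            Type      = $principal.ObjectClass
        }
    }
}

# 1. Where is each dMSA (and therefore the original account) still in use?
$migrations.Keys | ForEach-Object { Get-DmsaUsage -DmsaName $_ } | Format-Table -AutoSize

# 2. Stale-account cleanup that explicitly skips the superseded originals.
$excluded = @($migrations.Values)
$cutoff   = (Get-Date).AddDays(-90)
$candidates = Get-ADUser -Filter 'Enabled -eq $false' -Properties LastLogonDate |
    Where-Object {
        $_.LastLogonDate -lt $cutoff -and ($excluded -notcontains $_.SamAccountName)
    }

# Dry run: review the list before removing -WhatIf.
$candidates | Remove-ADUser -WhatIf
```

Keeping the exclusion list next to the migration mapping means a later cleanup run cannot silently delete an account a server still depends on.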
MathiasR
Mar 26, 2024
Brass Contributor
Thanks for explaining that, Wayne, that's how I pictured it. This will help a lot, great feature!