How can you verify if a Symantec DLP user account status is disabled or account is deleted?

Symantec Data Loss Prevention 15.8
Symantec Data Loss Prevention 16.0
Symantec Data Loss Prevention 16.0 RU1
Symantec Data Loss Prevention 16.0 RU2
Symantec Data Loss Prevention 16.1

The DLP Enforce Console does not have a report to show if a DLP user account has been disabled and it doesn't show deleted users at all.
To verify if the account is disabled, navigate to System > Login Management > DLP Users and select each DLP User Name individually.

 
The following command can be run against the database if you need a list of all disabled user accounts and deleted accounts
Note: run the command as the "Protect" user.

select name,datelockedout,isdeleted from protectuser where datelockedout is not null or isdeleted=1 order by isdeleted asc;