LDAP or ADDS

I will describe how it usually happens. DataArt, Interfax, Letual, Bank of Russia.
In the morning at 11 o'clock you come to the office, HR arranges a "welcome aboard". After running around the office. You are allocated a desktop, they are interested in how many monitors you want, the admin brings a system unit or simply uses the old one. In AD, you already have an account, as a rule, you are thrown out to the corporate portal and the tracking system.
You get a corporate email, sip number, account in Lync or Skype. Then you register on the messengers you need, but this is already optional. In general, that's all.
There is a whole section for beginners in the wiki or on the portal, in outlook you are already subscribed to several subscriptions in the company, the first task is to arrange a place for yourself and send the newly created messenger contacts to the HR service.

There should be no personal accounts in a corporate environment. Everything is organized by your forces on machines under your control (real/virtual/in the cloud). Authenticate from Active Directory.
Replace all online services with personal accounts with on-premise solutions. Maybe not so convenient, but 100% under your control.

There is a set of corporate tools in which users must have personal accounts: Dropbox, Airtable, Zoom, Slack, etc.

What?
In the enterprise, users do not have personal accounts. Everything is issued by the admins and everything is controlled by the admins (support, if the company is large enough to separate the admins and the support - at the same time, the account is still started by the admins, but the support will take care of setting it up).

I'll add to SunRiser's post that all personal services should be disabled, otherwise things will get out of hand very quickly.
Hire a person who will set it all up from the very beginning as it should be, and not from personal guesses.

In a corporate environment, a single authorization - you enter the system and get access in accordance with the rights assigned to you.
Perhaps, if necessary, they will give you access to a corporate dropbox account and other crap. Or maybe they won't if it's not needed.

Option 2:
1. Corporate mail
2. Personal mail
Next - a new user is created in all the necessary systems by sending an invitation to him by E-mail.
It follows the link and immediately gets into the working environment on a certain external system.
PS: For internal services - VPN/LDAP/RADIUS and only corporate mail.

Everything is done strictly according to the developed regulations and rules of the company.
The algorithm can be as
follows: 1. HR / department head submits to IT an application agreed with the management for creating an employee with a list of required accesses
2. Admins create all these accesses / accounts, or provide access to the specified user accounts
3 Admins, enikei, or support help the user deal with all this