Discussion in 'Active Directory' started by Andrew Knoke, Nov 26, 2007.

  Andrew Knoke

    Andrew Knoke

    I create most of the AD account at my location via vbs scripts and I
    routinely run into two individuals with the same display name. Up until
    this point I have just been doing a micky mouse work around like
    renaming one of the current users and deleting the middle initial or
    something like that. The problem then comes back to haunt me because
    now I have to keep track of this exception. We are now looking into
    adding another 25000 user accounts and what was somewhat manageable
    before I feel is going to be a real head ache. What are other people
    doing to handle this. I can't believe that everyone is just forced to
    create a new ou everytime they run into a duplicate display name or make
    a manual exception.
    Andrew Knoke, Nov 26, 2007
  2. Just to clarify, I think by "display name" you mean the "Common Name" (the
    value of the cn attribute). The displayName attribute can be anything
    (including missing).

    The cn attribute must be unique in the OU or container. There can be any
    number of objects in the domain with the same value assigned to cn, as long
    as they are in different OU/Containers.

    There is no simple solution for the problem. When the script creates the
    user it can either search to find out if the value for cn is used in the OU,
    or trap the error if the creation fails. Some organizations then append
    numbers until they find an available value. What you do is up to you.

    When you talk of exceptions, I guess this means that your Common Names are a
    standard combination of first and last names and middle initials. If you
    intend to never violate the formula, there can be no solution. I've seen two
    employees with the exact same name, including middle initials.
    Richard Mueller [MVP], Nov 26, 2007
  3. Set the common name to something unique - email address, employee ID, etc.

    Display Names - this is really something you should let the employee do self
    service. Things to add could be the location or business unit e.g. Desmond,
    Brian (Chicago).

    Brian Desmond
    Windows Server MVP - Directory Services

    Brian Desmond [MVP], Nov 26, 2007
  Andrew Knoke

    Andrew Knoke

    Currently my CN name is something like "Rick M James". If I go and
    change it to their username, which is unique ie "jamesj", will this have
    any effect on the users in our environment. FYI, we are not using Exchange.

    Andrew Knoke, Nov 27, 2007
  5. Shouldn't unless you have some poorly written app depending on it.

    Brian Desmond
    Windows Server MVP - Directory Services

    Brian Desmond [MVP], Nov 28, 2007
