Re: AD Attribute query!
- From: "Marcin" <marcin@xxxxxxxxxxxxxxxx>
- Date: Thu, 25 Jun 2009 09:22:28 -0400
The scripting approach for modifying the CN attribute (using the MoveHere
method of the parent container) is described in
http://www.microsoft.com/technet/scriptcenter/guide/sas_usr_aznz.mspx?mfr=true
I'm not aware of any specific problems related to changing cn, but you
should watch for name clashes - and obviously test thoroughly...
hth
Marcin
"UselessUser" <UselessUser@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:CD53BFBC-1840-454E-99A6-57733CF61F87@xxxxxxxxxxxxxxxx
Hi,
Thanks for the reply, I understand that by setting the 409 attribute for
new
users, it amends the dialog box at account creation so it becomes surname,
firstname, and as display name is taken from that by default, display name
in
GAL will be surname, firstname as well..
However the script underneath it, only adjusts the display name, it does
not
touch the fullname (Or name attribute), so in AD old users will appear as
firstname surname, whilst new users will appear as surname, firstname...
I have seen ADMODIFY has a change CN (RDN) option, which I think sets the
name attribute and CN attributes to surname, firstname so then AD would
also
all match up but am worried about any problems of doing this?
"Marcin" wrote:
FirstName LastName happens to be the default format of Full Name entry in
ADUC (as per http://support.microsoft.com/kb/250455/). The article also
provides instructions on how to change this default format for any future
accounts (btw. you can find a script that changes this format at
http://support.microsoft.com/kb/277717/ - although you'd need to modify
it
to match the naming convention you want to use). Without knowing how the
other accounts were created, it is rather difficult to speculate why
their
Full Name is different - this could have happened in a number of
different
ways (account migration is one of them)...
I'd not expect any negative implications, as long as you modify this
particular attribute only - but obviously you should test it with one
non-critical account first before you apply changes en masse...
hth
Marcin
"UselessUser" <UselessUser@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A6172306-0493-4CE7-8277-437348658DF5@xxxxxxxxxxxxxxxx
Hi,
We have a large group, which recently needed major editing, so I handed
it
over to another person who asked me a very simple question..
How come when looking at this group, members appeared as one of these
types:
FSurname
Firstname Surname
And I had no idea, after a bit of study, it looks like ADUC exposes
members
by the Full Name (or Name attribute) of their accounts.
The real question is, how come if they have been created using the
normal
Firstname and Lastname options in ADUC, and the full name is generated
automatically from these and is not changed, how do some people have
the:
FSurname
I think some of these are old users, so may have been migrated from an
NT4
domain, would this cause this?
Also is there any damage (Relating to AD and Exchange etc) of running a
script on these accounts to rename the name attribute to firstname
lastname??
.
- Follow-Ups:
- Re: AD Attribute query!
- From: Richard Mueller [MVP]
- Re: AD Attribute query!
- References:
- AD Attribute query!
- From: UselessUser
- Re: AD Attribute query!
- From: Marcin
- Re: AD Attribute query!
- From: UselessUser
- AD Attribute query!
- Prev by Date: Re: On one PC no user runs logon script
- Next by Date: Re: My Network Places - Across WAN
- Previous by thread: Re: AD Attribute query!
- Next by thread: Re: AD Attribute query!
- Index(es):
Relevant Pages
|
Loading
