Petrofac_ITlogmein
asked on
Naming users in AD and Exchange
Hi all
I was wondering of the related best practises in the areas of user naming convention within Windows/Exchange 2003 environment.
The concern arose from the fact that most of the times, users email listing appears in Intranet websites if not Internet and also, I have seen at most places, that user's login names and exchange email IDs are the same, giving rise to a security concern that with Email ID list readily available on the Intranet, we are 50% nearer to cracking the password of the user, if his/her login ID corresponds to Email ID.
Your thoughts in this regards?
I was wondering of the related best practises in the areas of user naming convention within Windows/Exchange 2003 environment.
The concern arose from the fact that most of the times, users email listing appears in Intranet websites if not Internet and also, I have seen at most places, that user's login names and exchange email IDs are the same, giving rise to a security concern that with Email ID list readily available on the Intranet, we are 50% nearer to cracking the password of the user, if his/her login ID corresponds to Email ID.
Your thoughts in this regards?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Various Methods are envisaged for display names although it's decided that we can live with strong password policy when it comes to using same email IDs and AD login IDs.
The main issue now is resolve same (first name/lastname) users across departments and business units. Supposing I have business units(categorised as different OUs within AD), by the name of DUB and DEL.
First otion that we have can be:
1. Location / Division Firstname Lastname
DEL- Some Name
DUB-Some Name
Pros: Easier for the end user to search if they now the department of the other person
2. Firstname Lastname Location / Division
Some Name-DEL
Some Name-DUB
Pros: Easier to differentiate the person based on department , simple search with first name
3. Lastname , Middle Initial , Firstname
Name,X,Some
Name,Y,Some
Pros: Display presentation will be good, however most of the time people may find it difficult to remember the middle initial to identify the right person
Then there could be same name within departments.
I was also thinking that each employee has his/her unique employee ID, if we can use it within display name in some way?
Any better ideas..anyone!! :( Considering that have about 2000 employees spread across globe over a Single Domain of AD/Exchange 2003?
The main issue now is resolve same (first name/lastname) users across departments and business units. Supposing I have business units(categorised as different OUs within AD), by the name of DUB and DEL.
First otion that we have can be:
1. Location / Division Firstname Lastname
DEL- Some Name
DUB-Some Name
Pros: Easier for the end user to search if they now the department of the other person
2. Firstname Lastname Location / Division
Some Name-DEL
Some Name-DUB
Pros: Easier to differentiate the person based on department , simple search with first name
3. Lastname , Middle Initial , Firstname
Name,X,Some
Name,Y,Some
Pros: Display presentation will be good, however most of the time people may find it difficult to remember the middle initial to identify the right person
Then there could be same name within departments.
I was also thinking that each employee has his/her unique employee ID, if we can use it within display name in some way?
Any better ideas..anyone!! :( Considering that have about 2000 employees spread across globe over a Single Domain of AD/Exchange 2003?
ASKER
How do you guys treat duplicates , vis a vis AD logon accounts or email accounts???
your going to come across either complexity issues and over kill or the possibility of duplicate names....if you choose a firstname.lastname approach, its no biggy if you get a duplicate and vary a little from the standard
As for their actual display name, I use <surname>,<initials>,<firs
-tigermatt