sbrown_cesd
asked on
Change Default LDAP CN on Active Directory users
We moved from a Novell NetWare server to a MS Windows Server 2003 AD server recently... users were migrated using a utility by Quest software and everything worked out great - until now.
When the migration utility copied over the users, the CN in an LDAP query was the same as our usernames (FirstInitialLastname) - this is what we wanted because one of the applications we use query via LDAP but does not let us specify which field to query (So we can't force the program to pull sAMAccountName - it only pulls the CN). Again, this has been working fine since the CN is the same as the username... except - all new users... users that weren't on the Novell server, the CN is FirstName LastName.
I looked around on Google and found Adsiedit and it mentioned:
# In the right-hand pane, open the properties for "CN=user-Display".
# Scroll to the createDialog optional property.
# Set the attribute to %<sn>.%<givenName>. Make sure that you click Set.
Note The only tokens that can be formatted in the dislayName are %<sn>, %<givenName>, and %<initials>.
It doesn't let me use %<sAMAccountName > or %<userPrincipalName>.
So how can I do this? How can I make the default CN be the same as the username?
I've seen ADAM mentioned but I haven't looked into it too much. If I made an ADAM server and tied it into our AD database could I "re-arrange" the fields a bit?
Thank you for your time.
When the migration utility copied over the users, the CN in an LDAP query was the same as our usernames (FirstInitialLastname) - this is what we wanted because one of the applications we use query via LDAP but does not let us specify which field to query (So we can't force the program to pull sAMAccountName - it only pulls the CN). Again, this has been working fine since the CN is the same as the username... except - all new users... users that weren't on the Novell server, the CN is FirstName LastName.
I looked around on Google and found Adsiedit and it mentioned:
# In the right-hand pane, open the properties for "CN=user-Display".
# Scroll to the createDialog optional property.
# Set the attribute to %<sn>.%<givenName>. Make sure that you click Set.
Note The only tokens that can be formatted in the dislayName are %<sn>, %<givenName>, and %<initials>.
It doesn't let me use %<sAMAccountName > or %<userPrincipalName>.
So how can I do this? How can I make the default CN be the same as the username?
I've seen ADAM mentioned but I haven't looked into it too much. If I made an ADAM server and tied it into our AD database could I "re-arrange" the fields a bit?
Thank you for your time.
When you look at the General tab of a migrated user's properties in AD Users and Computers, what does it show for First Name and Last Name?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
zelron22:
Username: sbrown
First Name: Scott
Last Name: Brown
Display Name: Scott Brown
CN= sbrown
LauraEHunterMVP:
I was afraid of that... I saw some scripts online - I might have to play with those on a test domain controller (don't want to accidentally wipe out my server :-) )
Username: sbrown
First Name: Scott
Last Name: Brown
Display Name: Scott Brown
CN= sbrown
LauraEHunterMVP:
I was afraid of that... I saw some scripts online - I might have to play with those on a test domain controller (don't want to accidentally wipe out my server :-) )
Thing with AD is that it's really good at publishing information and replicating it everywhere. It's really not good at (nor was it intended to be good at) enforcing "business rules" such as the proper way to format a telephone number or the name of a city, etc.
Holy moly Ms. Hunter, you've got more credentials than I've got [insert lame joke here].