[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Duplicate 'name' attribute in Active Directory

Posted on 2009-07-08
1
Medium Priority
?
2,336 Views
Last Modified: 2012-05-07
We have run into an issue where multiple names (e.g., John Smith) appear in the same Organizational Unit in Active Directory.  While other attributes like samaccountname, employeeid and others are unique, we find that Active Directory will not allow for a duplicate 'name' attribute.  Is this because CN derives by name by default?  Or, is there a workaround?

We ponder appending some unique value to the end of name (e.g., John Smith [jsmith01]).  However, I wanted to throw this question out there to see what other feedback I can get.  From what I have read, it seems like while you cannot have duplicate 'name' attribute values in the same Organizational Unit, you can have the same name in Active Directory in another OU.  Mainly, I was just wondering what others have done because I suspect it must be common for large directories with many users in OUs to have similar run ins with multiple John Smith names (or other common names).
0
Comment
Question by:CecilAdmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 24803364
>  Is this because CN derives by name by default?

Yes. Every CN must be unique within the same container to meet the constraint that every Distinguished Name (DN) must be unique.

I'm afraid there's no way around that aside from changing the value for CN (also known as the Relative DN, RDN).

This is a limitation of LDAP rather than something unique to AD.

Whenever I've bumped into this in the past either the givenName is changed to a short version, if applicable. Or a middle initial is inserted, again if applicable.

Chris
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question