CN is typical. Inside a domain, samaccountname is unique. CN is only unique within the RDN.
For those reasons, I often recommend that your CN and samaccountname be matched (which is not the default if you use the ADUC to create users). It's also helpful if you're an Exchange shop to have your alias and UPN (LHS) match your samaccountname match your CN....
Why? Because then you don't have users that are confused as to what to enter. You also don't have to worry about collisions when you move users around and so on. In the end, it's about the user experience (think how much easier this job would be without users ;) so you want to make it as consistent as you can. That'll reduce your helpdesk call volume to some degree as well.
This also indicates that you should have a process that generates unique id's in your environment. That'll save time later.
Does that help?
On 6/6/06, RM <[EMAIL PROTECTED]> wrote:
Guys, I have a dumb question.. A 3rd party app that uses LDAP for authentication... What attribute should be utilized for username? SamAccountName is the pre-Windows 2000 name. DistinguishedName is the long form OU/CN gobbledygook. So what is the name of the attribute for the actual user logon name?
Thx,
RM
