CN=GivenName Initals. Surname vs CN=username when new account is created

[Andrew Bartlett]

On Fri, 2010-05-28 at 12:49 +0100, Lukasz Zalewski wrote:
> Hi all,
> It seems like newuser creates an account with CN=username,<domain>
> By playing with AD's mmc Users and Computer i have noticed that the 
> account is created using:
> CN=GivenName Initals. Surname
> where at lest one of the above three has to be defined
> 
> Should newuser create the account using AD way if at least one of the 
> (GivenName, Initals, Surname) is present and using login name if they not?
> One of the problems (with AD) i can see straight away is uniqueness issue.
> Its probably safe to assume uniqueness of username but with first, 
> initial and surname that is not the case.
> Given possibility of the sparseness of the input data, if there are two 
> people with the same first name (and no initials and surnames are 
> available) this will fail - possibly there might be two people with same 
> first and last name (and initials)
> 
> What are your opinions on this?

Yes, I think it's reasonable to match the AD behaviour if the given and
or surname attributes are specified. 

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100528/2408326a/attachment.pgp>