I don't have much comment on the technical aspects of your blog. I read
it to learn, as I don't know much about this problem -- it's not a problem
in my small environment.
But, since I was a writer and editor in a previous life, I can offer some
comments on the blog and the prospective article (which I encourage)
I recommend tightening it up a bit (the article could easily start at the
third paragraph, for example); structuring it so that a description of the
problem and/or solution is at the beginning of each subsection and of the
article itself; giving concrete illustrations at every major point.
It's clear that you have good mastery of the naming infrastructure (or
infrasnakesnest) and dynamics of AD, but not everyone who can benefit from
your article will necessarily know all those things you take for granted.
So a summary of all that wouldn't be a bad idea.
I hope this is helpful.
-----Original Message-----
*From:* Al Mulnick [mailto:[EMAIL PROTECTED]
*Sent:* Monday, November 27, 2006 6:57 AM
*To:* [email protected]
*Subject:* Re: [ActiveDir] mailNickName(OT)
Now that I've shaken that turkey-induced coma:
http://blogs.dirteam.com/blogs/al/archive/2006/10/05/History-Repeats-Itself.aspx
I have to say though, I am a shy person by nature. Ask anyone that knows
me and they'll tell you how shy I am in person ;)
Albert, and anyone that reads the blog, I would appreciate comments.
Anything I can do to make things better, I'm happy and eager to do.
Al
On 11/24/06, Albert Duro <[EMAIL PROTECTED]> wrote:
>
> Could I bother you for a link to your blog? Searching on 'al mulnick
> blog mailnickname' (and various combinations thereof) got me all kinds of
> stuff, none of which seemed to be what you're referring to.
> C'mon, Al, you gotta get over this shyness...
>
>
> ----- Original Message -----
> *From:* Al Mulnick <[EMAIL PROTECTED]>
> *To:* [email protected]
> *Sent:* Wednesday, November 22, 2006 8:41 AM
> *Subject:* Re: [ActiveDir] mailNickName(OT)
>
> Other than being used for access by other protocols such as pop, imap,
> and owa, last I checked it's also the value used for the x.400 like
> address which is used for mail delivery internally by Exchange. You
> wouldn't want that to be non-unique else you might have to call somebody
> like joe to come in and help clean up :)
>
> I'm surprised that this company you're at has not gone to unique values
> for this. I'm equally surprised they don't have other issues with their
> Exchange deployment, but it's possible you haven't gotten far enough into it
> yet to notice some of them.
>
> I've blogged about my thoughts regarding what should be globally unique
> in an AD/Exchange environment. It's a long enough blog it may even be a
> good candidate for an essay or possibly a sleep aid.
>
> If you want the details, have a read. The short answer is that you want
> every user to be unique and to have a consistent and trouble-free
> experience. That keeps you from being up late at night with international
> customers first and your local in-country customers the next day.
> Mailnickname is one of the attributes that should be unique same as
> samaccountname and smtp address (some are enforced per forest, some per
> domain but all should be enforced regardless in my opinion). Since they can
> often feed on one another, I maintan that samaccountname should be the
> user's foundational, non-changing, never touched as long as that person is a
> member of the company in good standing, network id. Exchange relies on
> Active Directory and as such you're better following the same rules .
>
>
> Al
>
> On 11/22/06, joe <[EMAIL PROTECTED]> wrote:
> >
> > The mailnickname isn't populated in a similar way to display name. The
> > common ways for mailnickname generation and its population are through
> > the
> > RUS, by CDOEXM, or by the special ADUC extension (and no ADUC doesn't
> > use
> > CDOEXM). This is unlike displayname which has ADUC as its common way
> > to be
> > populated. Certainly they could have done something like that but they
> > didn't.
> >
> > Changing the format is ok, most companies don't do it but some do. But
> > if
> > there is going to be a change, change to something that is guaranteed
> > to be
> > unique in your organization. Display names are very often not unique;
> > definitely not unique at scale which is why Al said, it don't
> > scale.... Go
> > to any larger company in the US and type in Smith, Jones, Brown, or
> > Johnson
> > in the GAL and you will likely see multiple Alan's, Andrew's, Amy's,
> > Bob's,
> > Carol's, Fred's, John's, Steve's, etc... If you are multi-national try
> >
> > Chang, Chen, Gupta, Singh, Lopez, Hernandez, Jannsen, Smit, Larsen,
> > Berg,
> > Schulz, or Schmidt.
> >
> > The attribute is used quite a bit in Exchange. Where all it is used I
> > will
> > let some Exchange person respond if they want, but look quickly at a
> > mailbox
> > enabled user and check how many times you see the value. Note that
> > none of
> > the other attributes that use mailNickname in their initial generation
> > will
> > change if you change mailnickname, you absolutely wouldn't want that
> > or else
> > it would break certain types of delivery for that user. I have seen
> > some
> > nasty issues in larger orgs that resulted in mailNicknames not being
> > unique.
> > The problems can be solved by mechanisms other than unique
> > mailNicknames but
> > unique mailNicknames is by far the easiest way to handle it. I have a
> > tool
> > that reports bad Exchange attribute settings in an Org and duplicate
> > mailNickname is one of them that I flag as fairly high priority due to
> > my
> > experiences.
> >
> > joe
> >
> >
> > --
> > O'Reilly Active Directory Third Edition -
> > http://www.joeware.net/win/ad3e.htm
> >
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto: [EMAIL PROTECTED] On Behalf Of Tom Kern
> > Sent: Tuesday, November 21, 2006 10:07 PM
> > To: [email protected]
> > Subject: Re: [ActiveDir] mailNickName(OT)
> >
> > well, the company i currently work for sets the mailNickName of all
> > users to " firstname.lastname".
> > I didnt know there was any issue with changing the format of that
> > attribute.
> >
> > we have around 110,000 users mixed between Exchange and Lotus Domino
> > and this is the format they have been using(why, i'm not sure, I just
> > started here)
> >
> > I thought there could be a way to change the default format of the
> > mailNickName attribute the same way you could change the format of the
> > displayname.
> >
> > What issues can arise by changing the mailNickname format.
> >
> > I mean, what is this attibute for used exactly?
> > I thought this was only used for POP3 and IMAP and maybe OWA and ADC.
> > And I didnt think changing it could affect anything.
> > Can you guys educate me, please?
> >
> > Thanks
> >
> > On 11/21/06, joe <[EMAIL PROTECTED]> wrote:
> > > Not that I am aware of.
> > >
> > > I am with Al on this, keep it as the sAMAccountName. This value
> > while
> > isn't
> > > enforced to be unique really should be. Using sAMAccountName helps
> > with
> > that
> > > though it still allows duplicates in different domains.
> > >
> > > joe
> > >
> > > --
> > > O'Reilly Active Directory Third Edition -
> > > http://www.joeware.net/win/ad3e.htm
> > >
> > >
> > > -----Original Message-----
> > > From: [EMAIL PROTECTED]
> > > [mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern
> > > Sent: Tuesday, November 21, 2006 5:19 AM
> > > To: activedirectory
> > > Subject: [ActiveDir] mailNickName(OT)
> > >
> > > Is there anyway to change the format of the mailNickName attibute to
> > > be something other than sAMAccountName automatically?
> > > Is there something like a "display specifiers" change that could
> > > change the format during the automatic generation of it to be
> > > "firstname.lastname" or can this only be scripted?
> > >
> > > Thanks
> > > List info : http://www.activedir.org/List.aspx
> > > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > > List archive:
> > http://www.mail-archive.com/[email protected]/
> > >
> > > List info : http://www.activedir.org/List.aspx
> > > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > > List archive:
> > http://www.mail-archive.com/[email protected]/
> > >
> > List info : http://www.activedir.org/List.aspx
> > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > List archive:
> > http://www.mail-archive.com/[email protected]/
> >
> > List info : http://www.activedir.org/List.aspx
> > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > List archive:
> > http://www.mail-archive.com/[email protected]/
> >
>
>
