We normally don't need to change the account login in those cases. Emails,
display names, all kinds of other things, but the account itself is usually
left alone. That said, a large portion of our users wind up with rather
cryptic logins due to it being easier to deal with a requirement of one of the
applications we use which is provided by one of our customers. So people don't
have logins that are easily associated with them by name, and the need for most
of those types of changes goes away.
--
There are 10 kinds of people in the world...
those who understand binary and those who don't.
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf Of Maglinger, Paul
Sent: Monday, May 19, 2014 6:03 PM
To: '[email protected]'
Subject: [NTSysADM] RE: Adding employeeNumber field in ADUC user property window
That doesn't make me any happier. That leads me to believe that the issue was
intentionally omitted.
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf Of Michael B. Smith
Sent: Monday, May 19, 2014 4:55 PM
To: [email protected]
Subject: [NTSysADM] RE: Adding employeeNumber field in ADUC user property window
That isn't new :)
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf Of Maglinger, Paul
Sent: Monday, May 19, 2014 5:37 PM
To: '[email protected]'
Subject: [NTSysADM] RE: Adding employeeNumber field in ADUC user property window
I'm glad to hear from someone that used it.
This is spurred by the discovery that Cisco Unity Connections 10 uses LDAP
sync. Funny thing, users get married and divorced and require account name
changes. If the association between Unity and AD is based on the
samAccountName the association breaks - and you apparently can't just associate
the old voicemail account with the new account name. You have to delete and
recreate the Unity account.
Something else that the sales rep and engineers didn't mention when we were
considering this solution.
Now looking into using an attribute that won't change and employeeNumber is an
option.
Powershell is a definite for initially populating the attribute for existing
users. I'd still like to have something available that's already familiar with
everyone else for new users.
-Paul
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf Of Melvin Backus
Sent: Monday, May 19, 2014 4:13 PM
To: [email protected]
Subject: [NTSysADM] RE: Adding employeeNumber field in ADUC user property window
I'm guessing you probably found the same one I did. I've been running if for
about 5 years now with no "known" ill effects, in case that makes you feel
better. We also handle employee type that way too. I agree, a separate tab or
being able to expose it on one of the existing tabs would be preferable, but
lately I've started using powershell for that sort of thing.
--
There are 10 kinds of people in the world...
those who understand binary and those who don't.
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf Of Maglinger, Paul
Sent: Monday, May 19, 2014 5:02 PM
To: New NT System Admin List ([email protected])
Subject: [NTSysADM] Adding employeeNumber field in ADUC user property window
Is there a way to add a place under say, the General or Organization tab of the
user properties to enter the employeeNumber value without having to go into the
Attribute Editor and modifying it there?
I found an article which would have me put a vb script on the server, and then
right-click on the account to set the value. I'm not real crazy about putting
a vb script on my domain controller, much less one I downloaded from the net.
And I'd like the option to be available on all the DCs.
Anyone have any other options? Ideally I'd like to see a place on user's
property page in ADUC.
-Paul
