User Naming conventions - Active directory Windows 2003
- From: "WALI" <hkhasgiwale@xxxxxxxxx>
- Date: Sat, 9 Feb 2008 22:19:50 +0400
Current scenario:
AD user login name 'firstname.lastname'
user email account; 'firstname.lastname@xxxxxxxx'
email display name: lastname, firstname
In case of duplicates found within domain:
New AD user login name 'firstname.lastname123'. Old account remains the
same.
(numerical values are added infront of the new user account)
user email account; 'firstname.lastname123@xxxxxxxx'
email display name (GAL): lastname, firstname, middle initial (for both old
and new user - mutually agreed)
Disadvantages of current convention:
- Login accounts same as email IDs leads to a situation where looking at
internally published email listing, it's easy to guess user's AD login
account.
- A malicious user can lead someone else's account to lock out condition by
trying wrong password 5 times, as that's the 'Account lockout policy'
setting.
- Duplicates are not making sense.
Any advise!!??
- Follow-Ups:
- Re: User Naming conventions - Active directory Windows 2003
- From: Kurt Buff
- RE: User Naming conventions - Active directory Windows 2003
- From: Lubrano di Ciccone, Christophe (DEF)
- Re: User Naming conventions - Active directory Windows 2003
- Prev by Date: RE: Microsoft IPSec via group policy
- Next by Date: Re: Testing whole disk encryption
- Previous by thread: TrueCrypt whole disk encryption
- Next by thread: RE: User Naming conventions - Active directory Windows 2003
- Index(es):
Relevant Pages
|
