locked
Create AD Groups with the same name !! RRS feed

  • Question

  • hi , 

    i need to create two groups with the same name into different OU .. how i can do it ???? 

    Wednesday, July 2, 2014 11:56 AM

Answers

  • Hi,

    You can create two groups with same display name (RDN) in two different OU's.  Relative distinguished names must be unique in that users cannot have the same name within an organizational unit.

    But you cannot have same SAMName - must be unique among all security principal objects within a domain.

    Windows 2000 logon names are unique to the domain and Windows Server 2003 logon names are unique within the forest.

    http://technet.microsoft.com/en-us/library/cc776019(v=ws.10).aspx


    Regards,
    Rafic

    If you found this post helpful, please give it a "Helpful" vote.
    If it answered your question, remember to mark it as an "Answer".
    This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!

    Wednesday, July 2, 2014 12:59 PM
  • Hi,

    You can create two groups with same display name (RDN) in two different OU's.  Relative distinguished names must be unique in that users cannot have the same name within an organizational unit.

    But you cannot have same SAMName - must be unique among all security principal objects within a domain.

    Windows 2000 logon names are unique to the domain and Windows Server 2003 logon names are unique within the forest.

    http://technet.microsoft.com/en-us/library/cc776019(v=ws.10).aspx


    Regards,
    Rafic

    If you found this post helpful, please give it a "Helpful" vote.
    If it answered your question, remember to mark it as an "Answer".
    This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!


    Correct, except there is no such thing as "Windows Server 2003 logon names" the sAMAccountName is referred to as "Pre-Windows 2000 Logon Name" sometimes in contrast to the User Principal Name (UPN) that can be used to authenticate only on Windows 2000 and later, the only change to sAMAccountNames that occurred in Windows Server 2003 is that if you create a security principal without specifying a sAMAccountName - a random generated sAMAccountName will be supplied by the DSA (DC).

    Enfo Zipper
    Christoffer Andersson – Principal Advisor
    http://blogs.chrisse.se - Directory Services Blog

    • Marked as answer by Anis Loued Friday, July 4, 2014 9:28 AM
    Thursday, July 3, 2014 1:26 AM

All replies

  • Hi,

    You can create two groups with same display name (RDN) in two different OU's.  Relative distinguished names must be unique in that users cannot have the same name within an organizational unit.

    But you cannot have same SAMName - must be unique among all security principal objects within a domain.

    Windows 2000 logon names are unique to the domain and Windows Server 2003 logon names are unique within the forest.

    http://technet.microsoft.com/en-us/library/cc776019(v=ws.10).aspx


    Regards,
    Rafic

    If you found this post helpful, please give it a "Helpful" vote.
    If it answered your question, remember to mark it as an "Answer".
    This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!

    Wednesday, July 2, 2014 12:59 PM
  • Hi,

    You can create two groups with same display name (RDN) in two different OU's.  Relative distinguished names must be unique in that users cannot have the same name within an organizational unit.

    But you cannot have same SAMName - must be unique among all security principal objects within a domain.

    Windows 2000 logon names are unique to the domain and Windows Server 2003 logon names are unique within the forest.

    http://technet.microsoft.com/en-us/library/cc776019(v=ws.10).aspx


    Regards,
    Rafic

    If you found this post helpful, please give it a "Helpful" vote.
    If it answered your question, remember to mark it as an "Answer".
    This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!


    Correct, except there is no such thing as "Windows Server 2003 logon names" the sAMAccountName is referred to as "Pre-Windows 2000 Logon Name" sometimes in contrast to the User Principal Name (UPN) that can be used to authenticate only on Windows 2000 and later, the only change to sAMAccountNames that occurred in Windows Server 2003 is that if you create a security principal without specifying a sAMAccountName - a random generated sAMAccountName will be supplied by the DSA (DC).

    Enfo Zipper
    Christoffer Andersson – Principal Advisor
    http://blogs.chrisse.se - Directory Services Blog

    • Marked as answer by Anis Loued Friday, July 4, 2014 9:28 AM
    Thursday, July 3, 2014 1:26 AM