We are changing the rdn's of users to match their
sAMAccountname and the name attribute is being changed to
the same value. Just wondering what the name attribute
is used for or if this would cause any known problems.

Chad wrote:

In AD user objects have a sAMAccountName attribute, which must be unique in
the domain. This is the NT logon name, also called the "pre-Windows 2000
logon name". In addition, user objects have the cn (common name) attribute,
which must be unique in the container/OU. The "Name" property is actually a
property method which returns the rdn. For user objects the rdn is "cn="
appended to the cn attribute. If you modify cn, the Name property method
will return the correct value. The Name property method itself is read-only.

To modify cn you must use the MoveHere method of the parent container
object. For example:

strUserDN = "cn=TestUser,ou=Sales,dc=MyDomain,dc=com"
strNewCN = "JoeUser"
Set objUser = GetObject("LDAP://" & strUserDN)
Set objContainer = GetObject(objUser.Parent)
Set objNewUser = objContainer.MoveHere(objUser.AdsPath, "cn=" & strNewCN)

Once you have bound to the user object, you could use:

strNewCN = objUser.sAMAccountName

--
Richard
Microsoft MVP Scripting and ADSI
HilltopLab web site - http://www.rlmueller.net
--