Recipe5.16.Changing the Display Name Format in the GAL

Recipe 5.16. Changing the Display Name Format in the GAL

Problem

Your GAL currently displays user names with the first name first; you need to switch things so that the last name is displayed first.

Solution

Using VBScript

' Script taken from: '  MS KB 277717 (How to Change the Display Names of Active Directory  '                Users with Active Directory Services Interface Script) ' This code can change existing users in a given  ' organizational unit (OU) to the Lastname, Firstname format rem chgdisplay.vbs - Changes the display names of all users in a given OU to the rem format of Lastname, Firstname. rem Usage = cscript chgdisplay.vbs "OU=My Ou, DC=My Domain, DC=com" rem OU must be enclosed in quotes if it contains spaces in the name Dim strTargetOU ParseCommandLine( ) wscript.echo strTargetOU wscript.echo wscript.echo "Changing Display names of users in " & strTargetOU Set oTargetOU = GetObject("LDAP://" & strTargetOU) oTargetOU.Filter = Array("user") For each usr in oTargetOU         if instr(usr.SamAccountName, "$") = 0 then                 vLast = usr.get("Sn")                 vFirst = usr.get("GivenName")                  vFullname = vLast + ", " + vFirst                     usr.put "displayName", vFullName                     usr.setinfo                 wscript.echo usr.displayName         end if Next Sub ParseCommandLine( )           Dim vArgs           set vArgs = WScript.Arguments           if vArgs.Count <> 1 then                       DisplayUsage( )           Else                      strTargetOU = vArgs(0)           End if End Sub Sub DisplayUsage( )         WScript.Echo          WScript.Echo "Usage:  cscript.exe " & WScript.ScriptName & _                      " <Target OU to change users display names in>"          WScript.Echo "Example: cscript " & WScript.ScriptName & " " & _                      chr(34) & "OU=MyOU,DC=MyDomain,DC=com" & chr(34)         WScript.Quit(0) End Sub

Discussion

By default, AD creates new user and contact objects with a canonical name (CN) based on the first and last names you supply, with the first name coming first. Thus, a user named "Tim O'Reilly" will end up as cn=Tim O'Reilly. This is normal and natural. However, some organizations insist on having the GAL sorted by last name. If you fall into that category, you have a couple of choices.

First, you could follow the procedures described in MS KB 250455 to change the way those CNs are created for new accounts, but you must be careful not to run afoul of the character restrictions described in MS KB 276266. In particular, creating CNs like cn=O'Reilly, Tim is a big no-no because of the embedded comma; you can use a backslash to escape embedded commas, but who wants to see strings like cn=O'Reilly\, Tim? It also wouldn't help you with existing accounts, because the GAL is actually built using the displayName property. When the object is created, its CN is copied to the displayName property unless you specify a separate display name at creation time. Thus, a better approach is to adjust the displayName property itself, since this has no impact on normal LDAP behavior. The previous script enumerates each user object in the selected container, skipping machine accounts or accounts (like Administrator) that don't have a first name or last name set, then resetting the display name for accounts that have a first and last name defined. You'd need to re-run the script later to catch and fix any objects added after the first time you ran it; better yet, you could schedule it as a task to run periodically.