Is the primary identifier of an Active Directory user the 'logonname' attribute? | ansaurus

tags:

active-directory

views:

129

answers:

1

+3 Q:

Is the primary identifier of an Active Directory user the 'logonname' attribute?

For security purposes, is the primary identifier of an Active Directory user the 'logonname' attribute?

For example a user with the logonname "bob" is first created then removed from AD, then an another user is created again with the logonname "bob" - is this new user, from a security perspective, equivalent?

The reason I ask this question is due to some recent peculiarities with opening a PST mailfile - as the above example, a user has been removed then recreated with the same loginname, this new user is not permitted to open the previous users pst file despite sharing the same username.

Thanks.

+4 A:

No, the objectSid (a SID) is the primary ID when it comes to assigning permissions. A new user with the same name will have a different objectSid, and therefore will not be able to access files which the original user had permission to.

Sean Bright 2009-02-12 22:42:30

ZING! An answer in less than 10 minutes - I love this forum.Thanks Sean!

Ash Kim 2009-02-12 22:52:22

related questions

Querying Active Directory with "SQL"?

Can I get more than 1000 records from a DirectorySearcher in Asp.Net?

How to get AD User Groups for user in Asp.Net?

Attempting to update a user's "connect to:" home directory path in AD using C#

Monitoring group membership in Active Directory more efficiently (C# .NET)

How do I speed up data retrieval from .NET AD within ColdFusion

How do you authenticate against an Active Directory server using Spring Security?

Managing large user databases for single-signon.

Move Active Directory Group to Another OU using Powershell

How to move SharePoint sites from one active directory domain to another?

When did I last talk to my Domain Server?

Using ActiveDirectoryMembershipProvider with two domain controllers

I am having trouble getting phpBB to authenticate with our Active Directory

How do I use ADAM to run unit tests?

COMException "Library not registered." while using System.DirectoryServices

Caching Active Directory Data

Windows / Active Directory - User / Groups

Get a list of available domains (NT4 and Active Directory)

How do I use NTLM authentication with Active Directory

I/O permission settings using .net installer

quoting System.DirectoryServices.ResultPropertyCollection

How do you impersonate an Active Directory user in Powershell?

Setting Group Type for new Active Directory Entry in VB.NET

Is there a way for MS Access to grab the current Active Directory user?

Checklist for IIS 6/ASP.NET Windows Authentication?