The following describes the different naming types that are assigned to user accounts in Active Directory.


It is recommended that the user part of both the user logon name and user logon name (pre-Windows 2000) should be the same.



Common Name


  • The common name is displayed in Active Directory User and Computers.


  • This name is not used for authentication.


  • This name does not have to be unique in the domain however must be unique within the container or organizational unit in which it is created.


  • The common name is shown in search results.

       



Display Name


  • The display name is used for display purposes.


  • This name is not used for authentication.


  • This does not have to be unique in the domain.


User Principal Name (UPN)


  • The UPN name is used for authentication by Windows 2000 operating systems and newer.

  • This name must be unique in the forest.




Logon Name (pre-Windows 2000)


  • Also known as the SAM account name, this is used as the primary method of authentication.


  • This name must be unique in domain.

  • This name must not exceed 20 characters.