We use a lot of Active directory to integrate in our internal application. We

Question

0

Asked: May 27, 20262026-05-27T05:43:57+00:00 2026-05-27T05:43:57+00:00

We use a lot of Active directory to integrate in our internal application. We

0

We use a lot of Active directory to integrate in our internal application. We often have a field like “Submitted by” where we end up putting the samAccountName of the user.

This seems great but there are odd occasions where the samAccountName of the user can change. This throws off the history of the tables in question.

How do you handle this type of situation?

Use the ObjectGuid field?
Use a readable custom field in AD that never changes? %%%
I shouldn’t bother with this as the samAccountName rarely changes?
Other??

%%% we technically do this right now. I’m trying to get away from this. When we create a new user, we put the samAccountName in a custom field in AD. This field value never changes even if the user’s samAccountName changes. I’m trying to get away from this as it is causing issue porting the applications to other companies (have to re-write that part of the code). I want to learn what other people are doing.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T05:43:57+00:00

Editorial Team

2026-05-27T05:43:57+00:00Added an answer on May 27, 2026 at 5:43 am

I would probably use objectGUID as the best option; that’s a value that really should not change at all.

SID might be another option, but that can change, too, if the user is moved in the AD forest (at least in that case, the old SID will be accessible in the SidHistory attribute of that user)

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

We use a lot of Active directory to integrate in our internal application. We

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply