When you attempt to add a new user or object to the Active Directory (AD), you are unable to do so and one of the following error messages may be displayed:
- The object <name of user or object being created> could not be created. The problem encountered was; An attempt was made to add an object to the directory with a name that is already in use.
- Windows cannot create the new user object because the name <username> is already in use. Select another name, and try again.
- Windows cannot create the specified object because: The specified user already exists.
- The user logon name you have chosen is already in use in this enterprise. Choose another logon name, and then try again.
Microsoft has confirmed that this is a problem in Microsoft Windows 2000.
Windows 2000 requires that the following three things be unique in order for a new object to be created:
- The downlevel logon name needs to be unique throughout the Windows 2000 domain for backward compatibility with computers that are running Windows NT 4.0.
- The user logon name (user principal name, UPN) needs to be unique throughout the forest.
- The Relative Distinguished Name (RDN), commonly referred to as the "friendly" name, must also be unique within the same container.
Objects (such as printers, users, and so forth) can have the same name, as long as they do not exist in the same container. This means that there can be a user <John Doe> in the Organizational Unit (OU) named Marketing, and also a <John Doe> in the OU named Sales. There can be as many objects in the AD named <John Doe> as needed, as long as each one belongs to a different container.
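The following pre-creation check is an added example, not part of the original Microsoft article. It queries each of the three uniqueness scopes listed above and reports which rule a proposed name would violate. It assumes the ActiveDirectory PowerShell module (RSAT, which postdates Windows 2000) and a reachable global catalog; the function name Test-NewAdUserName and the sample values in the comments are hypothetical.

```powershell
# Added example. Requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

function Test-NewAdUserName {
    param(
        [Parameter(Mandatory)] [string] $Name,              # RDN value, e.g. 'John Doe'
        [Parameter(Mandatory)] [string] $SamAccountName,    # downlevel logon name
        [Parameter(Mandatory)] [string] $UserPrincipalName, # user logon name (UPN)
        [Parameter(Mandatory)] [string] $Container,         # DN of the target OU or container
        [Parameter(Mandatory)] [string] $GlobalCatalog      # global catalog as 'host:3268'
    )

    # Escape a value for use in an LDAP filter (RFC 4515). Backslash must go first.
    function Esc([string] $v) {
        $v.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').
           Replace(')', '\29').Replace([string][char]0, '\00')
    }

    $checks = @(
        # 1. Downlevel logon name: unique in the domain (default search base).
        @{ Rule  = 'Downlevel logon name already used in this domain'
           Query = @{ LDAPFilter = "(sAMAccountName=$(Esc $SamAccountName))" } },
        # 2. UPN: unique in the forest. An empty SearchBase against a global
        #    catalog port searches every domain partition.
        @{ Rule  = 'UPN already used in this forest'
           Query = @{ LDAPFilter = "(userPrincipalName=$(Esc $UserPrincipalName))"
                      Server = $GlobalCatalog; SearchBase = '' } },
        # 3. RDN: unique among the direct children of the target container only.
        @{ Rule  = 'RDN already used in this container'
           Query = @{ LDAPFilter = "(name=$(Esc $Name))"
                      SearchBase = $Container; SearchScope = 'OneLevel' } }
    )

    foreach ($check in $checks) {
        $query = $check.Query
        Get-ADObject @query | ForEach-Object {
            [pscustomobject]@{ Rule = $check.Rule; ExistingObject = $_.DistinguishedName }
        }
    }
}

# Constructed sample call; no output means no conflict was found:
# Test-NewAdUserName -Name 'John Doe' -SamAccountName 'jdoe' `
#     -UserPrincipalName 'jdoe@example.com' `
#     -Container 'OU=Sales,DC=example,DC=com' -GlobalCatalog 'dc01.example.com:3268'
```

Get-ADObject is used instead of Get-ADUser because the downlevel logon name and the RDN can collide with groups, computers and other object types, not only users.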
Article ID: 234051 - Last Review: February 26, 2007 - Revision: 2.2
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server