I’m doing a bit of work in preparation to upgrade our MS Exchange environment. One of the requests made was to identify AD accounts which had a duplicate CN. This may occur when you create users with the same name, but in different OUs in Active Directory.
I came across this post by Scott Lowe in 2006 about doing it with dsquery and logparser, but with PowerShell now available I could do it in this instead.
Below are the 2 lines to do this. Note I use the Quest AD management cmdlets, so you may need these.
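# Retrieve every user account (-SizeLimit 0 removes the default result limit)
$users = Get-QADUser -SizeLimit 0
# Group accounts by name and list the most frequent names first
$users | group name | sort count -descending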
Yes, it’s really that simple. Duplicate account names are rare in AD, so with this command if there are any, they should appear in the first few lines. If you have a lot of user accounts, I recommend piping this out to a file and opening it in a text editor.
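The following is an added example, not code from the original post: it keeps only the names that occur more than once and lists the DN of each account, so you can see which OUs the duplicates sit in. `Find-DuplicateCN` is a hypothetical helper name, the sample objects are constructed, and it assumes PowerShell 3.0 or later and that the input objects expose `Name` and `DN` properties, as Get-QADUser output is assumed to.

```powershell
# Added example. Find-DuplicateCN is a hypothetical helper, not a Quest cmdlet.
function Find-DuplicateCN {
    [CmdletBinding()]
    param(
        # User objects exposing Name (the CN) and DN (assumed property names).
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [psobject]$User
    )
    begin   { $all = New-Object 'System.Collections.Generic.List[psobject]' }
    process { $all.Add($User) }
    end {
        # Group-Object compares strings case-insensitively by default, so
        # 'john smith' and 'John Smith' land in the same group.
        $all | Group-Object -Property Name |
            Where-Object { $_.Count -gt 1 } |
            Sort-Object -Property Count -Descending |
            ForEach-Object {
                $g = $_
                # Emit one row per account so every DN is visible.
                foreach ($u in $g.Group) {
                    [pscustomobject]@{
                        Name  = $g.Name
                        Count = $g.Count
                        DN    = $u.DN
                    }
                }
            }
    }
}

# Constructed sample objects standing in for Get-QADUser output.
$sample = @(
    [pscustomobject]@{ Name = 'John Smith'; DN = 'CN=John Smith,OU=Sales,DC=example,DC=com' }
    [pscustomobject]@{ Name = 'john smith'; DN = 'CN=john smith,OU=IT,DC=example,DC=com' }
    [pscustomobject]@{ Name = 'Jane Doe';   DN = 'CN=Jane Doe,OU=IT,DC=example,DC=com' }
)
$sample | Find-DuplicateCN | Format-Table -AutoSize

# Against the directory, with the result written to a file:
# Get-QADUser -SizeLimit 0 | Find-DuplicateCN |
#     Export-Csv -Path .\duplicate-cn.csv -NoTypeInformation
```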