LDAP Export: Need to change DN on export

I'm trying to export the DN from Active Directory, but rather than have the CN equal to the displayName, need it to be the SAMAccountName. Can anyone help with this? I've tried adfind with the -replacedn switch and it changed the CN to SAMAccountName, but not the value. Thanks!

Example:

dn: CN=young\, neil,DC=example,DC=com
displayName: young\, neil
SAMAccountName: nyoung

Want the 开发者_运维知识库export output to be:

dn: CN=nyoung,DC=example,DC=com

This is not something you can easily change.

When they create users in Active Directory, as you type First Name and then Last Name the ADUC MMC tool builds a displayName of First Last, and uses that by default as the CN= component.

You could go and rename every object to cn=sAMAccountName value, but you would also have to force everyone with access to create a user to start doing that as well.

If you have an Identity Management solution of some kind creating the users, and not using manual processes this is trivial to implement. And for large solutions, it is really the only scalable model for CN values in AD. After all sAMAccountName must be domain unique, so this guarantees no naming collisions in CN parts of DN's.