Does the sAMAccountName rename practice based on employment status makes sense?

Solution 1:

Does the sAMAccountName rename practice based on employment status makes sense?

No, it doesn't.

Don't overload any Name fields with other purposes. A name is supposed to identify an individual. You don't try to stuff their company, department, or payroll info into the name field.

aren't other alternatives that would play better with other systems?

Use an OU, a group membership, or one of the extensionAttribute* fields to indicate temp-vs-perm status.

Solution 2:

It seems that you have already experienced the consequences of why your current practice of using the naming convention to distinguish between temporary and permanent employees isn't that well thought out.

I've found that often the temporary employee has the same responsibilities and restrictions as a permanent employee in the same role and only real technical differences between the two you might want to implement in their AD accounts are:

• temporary employees get an account that expires at the end of their contract
• permanent employees get an account without expiration date
• temporary staff often come in though a purchasing department rather than HR, meaning they don't receive the normal employeeID numbers through the HR systems and there you'll need to set up something different for temps.

You may also have business requirement to have multiple flavours of an all-staff mailinglist for company-wide announcements (e.g. one for everyone, one excluding temps and one only for the temps) and should be able to manage that and other business requirements with groups.