Would like some responses as to what you are using for naming of users
in AD for "larger" implementations. (10k+)

The current situation they have been using the "Lastname, FirstName" in
the displayName and the CN in AD.

This, of course, is problematic as to name collisions within AD for the
likes of more than one "Smith, John".

Making it more interesting, "Smith, John" could get moved from one OU in
AD where "Smith, John" was valid to another OU where a different "Smith,
John" might be located and there for it is not valid and can not be moved.

What are you doing and how is it working out?