locked
Active Directory account update - new and old accounts in SharePoint RRS feed

  • Question

  • Hello,

    In our active directory environment, we recently updated a user account to reflect a last name change.  Because of the last name change, the users login changed from corp\old last name.first name to corp\new last name.first name.  In SharePoint, when I try to add a user to a group, or add them on a permissions list, I see both of their accounts - the old login and the new.  

    How would I go about completely removing the old account - corp\old last name.first name completely from the site collection?

    Thursday, September 15, 2011 1:26 PM

Answers

  • The user able to log in with the new account name, right?

    We ran into the same thing, I think. We changed our group naming convention in AD, but it wasn't reflected in SP's permission listings. The way I recall it is that, essentially, domain/janesmith is an alias given to an id that might be 83726. When the user is changed to domain/janebrown, the id remains 83726. The ID is the same, even if the name changes. 

    We re-ran the profile imports but it didn't change the name shown in the SP permissions. 

    Might not be the answer you were looking for, but it hasn't hurt anything in our environment.

    Friday, September 16, 2011 12:47 AM

All replies

  • Hi,

    Whether you have deleted the old profile from AD?

    If not then your new account is taken as new profile while import.

    Delete this account in AD and in sharepoint execute STSADM migrateuser.

    You can refer this here:

    http://technet.microsoft.com/en-us/library/cc262141(office.12).aspx

    I hope this will help you out.


    Thanks, Rahul Rashu
    Thursday, September 15, 2011 7:23 PM
  • We didn't delete the account, we only changed the login name for the user from the old last name to the new last name.
    Thursday, September 15, 2011 7:43 PM
  • Ok,

    SO changed the user name at active directory itself.

    I suggest you to execute a full profile import and then execute STSADM command.

    I hope this will help you out.


    Thanks, Rahul Rashu
    Thursday, September 15, 2011 7:49 PM
  • The user able to log in with the new account name, right?

    We ran into the same thing, I think. We changed our group naming convention in AD, but it wasn't reflected in SP's permission listings. The way I recall it is that, essentially, domain/janesmith is an alias given to an id that might be 83726. When the user is changed to domain/janebrown, the id remains 83726. The ID is the same, even if the name changes. 

    We re-ran the profile imports but it didn't change the name shown in the SP permissions. 

    Might not be the answer you were looking for, but it hasn't hurt anything in our environment.

    Friday, September 16, 2011 12:47 AM