locked
How to edit user account name RRS feed

  • Question

  • Is this possible to modify the user account name in the user profiles from domain1\username to domain2\uername through some script?
    Thanks, Arpit
    Monday, February 6, 2012 9:01 PM

Answers

  • I was able to change the accountname for a user using migrateuser but the problem here is that it is able to look up user only when I specify the complete claims token and then it change the accountname to i:0ǹ.t|provider sts|domain2\username in the profile database instead of just domain2\username. Not sure if this is the way it should be. Could you or anyone please help here?

    If you're using claims, it's normal for the account name to contain information on the claims provider rather than the specific account name from the directory. For example, Active Directory accounts normally looks like "i:0#.w|domain\username" and forms authentication will look like "i:0#.f|myprovider|username"

    Jason Warren
    Infrastructure Specialist
    Habañero Consulting Group
    www.habaneros.com/blog

    • Marked as answer by Arpit Goyal Tuesday, February 21, 2012 9:48 PM
    Tuesday, February 21, 2012 9:25 PM

All replies

  • I believe you are looking for the migrateuser stsadm operation.

    For example, you would run the following command to update the user:

    stsadm -o migrateuser -oldlogin domain1\username -newlogin domain2\uername -ignoresidhistory

    I included the -ignoresidhistory parameter as I am assuming this is a new user account and wasn't migrated in AD.

    Monday, February 6, 2012 9:53 PM
  • Thanks Jason for your reply. I did look into this command, but I get an error that User does not exist or is not unique.

    Should both the profiles (domain1\username and domain2\username) be present in the profile database before this command is run or this command kindof replace the oldlogin with the newlogin?


    Thanks, Arpit

    Tuesday, February 7, 2012 3:27 PM
  • The migrateuser stsadm operation will update all references to the user in all databases (so the profile database and all content databases) with the new account name.

    The new account does not need to already exist in the farm, though if it does migrateuser will then also reconcile both the old and new references.

    The error you are seeing sounds like the farm can't look up the new account. Is there a trust between domain1 and domain2?

    • Marked as answer by Pengyu Zhao Thursday, February 16, 2012 9:01 AM
    • Unmarked as answer by Arpit Goyal Tuesday, February 21, 2012 8:51 PM
    Tuesday, February 7, 2012 5:17 PM
  • Thanks Jason.

    I am still getting "User does not exist or is not unique".  As the domain has changed now(domain2\username), I can not look up users using old domain names (domain1\username). I am able to lookup new account(domain2\username) through Sharepoint add users group UI but not the old one.

    Does migrateuser should be able to lookup both logins? old and new?


    Thanks, Arpit

    Friday, February 17, 2012 7:53 PM
  • In one of my other environments, this is working fine if able to lookup new login name. Not sure what is different. Probably the trust thing. Old and new domain might not have trust but will have to confirm with admin.


    Thanks, Arpit


    • Edited by Arpit Goyal Friday, February 17, 2012 9:53 PM
    Friday, February 17, 2012 8:41 PM
  • Hi Jason,

    I was able to change the accountname for a user using migrateuser but the problem here is that it is able to look up user only when I specify the complete claims token and then it change the accountname to i:0ǹ.t|provider sts|domain2\username in the profile database instead of just domain2\username. Not sure if this is the way it should be. Could you or anyone please help here?


    Thanks, Arpit

    Tuesday, February 21, 2012 8:51 PM
  • I was able to change the accountname for a user using migrateuser but the problem here is that it is able to look up user only when I specify the complete claims token and then it change the accountname to i:0ǹ.t|provider sts|domain2\username in the profile database instead of just domain2\username. Not sure if this is the way it should be. Could you or anyone please help here?

    If you're using claims, it's normal for the account name to contain information on the claims provider rather than the specific account name from the directory. For example, Active Directory accounts normally looks like "i:0#.w|domain\username" and forms authentication will look like "i:0#.f|myprovider|username"

    Jason Warren
    Infrastructure Specialist
    Habañero Consulting Group
    www.habaneros.com/blog

    • Marked as answer by Arpit Goyal Tuesday, February 21, 2012 9:48 PM
    Tuesday, February 21, 2012 9:25 PM
  • Thanks again Jason. Thats what I thought.

    Thanks, Arpit

    Tuesday, February 21, 2012 9:47 PM
  • Thanks jason. I was able to change to domain name successfully. But I encountere another issue while calling farm.migrateuser method.

    I get an error after calling the same "Object reference not set to an instance of an object".

    Do you have any idea what might be the reason for the same. User accountname has been modified to new login name but at the end it throws above error.

    Any thoughts?

    I found this article about same issue but didn't try it yet.

    http://codearound.blogspot.com/2010/03/stsadm-o-migrateuser-generates-error.html


    Thanks, Arpit



    • Edited by Arpit Goyal Thursday, February 23, 2012 7:32 PM
    Thursday, February 23, 2012 7:28 PM