Link to home
Start Free TrialLog in
Avatar of gdemoura6555
gdemoura6555

asked on

Bulk change of User logon name Pre Windows 2000 -- sAMAcoountName

Good afternoon Experts
I have a task to change the user logon name for all the users in my OU and eventually in our domain. Curently, logon format is A000001. A000002 and so on.  In AD properties for users, under Account Tab both User Logon Name and User Logon Name Pre-Windows 2000 have A000001 (Say for user Alan Jones).
Now I need to change logon account for all the users from A000xxx format to ABC000yyy. I have Tool from Dovestone which can import the data from a file and User Logon name but it cant change User Logon Name Pre-Windows 2000.
All the client system are on Win XP. But if I dont change the User Logon Name Pre-Windows 2000, it does not accept the new logon account say ABC00012. But it will logon with old account which is on Pre windows 2000 that is A000001.
I want a script which can copy new user account from "User Logon Name" to "User Logon Name Pre-Windows 2000" and hopefully after user can logon with new account name ABC00yyy.

If anyone has different opinion I can try that.

Thanks
CJ  
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

Hey CJ,

Not too hard to do, the script below is VbScript, you'll need to save it off as .vbs.

It doesn't make any changes at the moment, that bit is commented out until you've had a chance to see what it does.

I recommend you run it with this on the command line:

cscript scriptname.vbs

It means all the things it tells you appear on the command line rather than as lots of popup windows.

HTH

Chris

Const ADS_SCOPE_SUBTREE = 2
 
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
 
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
 
Set objRootDSE = GetObject("LDAP://RootDSE")
objCommand.CommandText = "SELECT sAMAccountName, userPrincipalName, distinguishedName " &_
	"FROM 'LDAP://" & objRootDSE.Get("defaultNamingContext") &_
	"' WHERE objectClass='user' AND objectCategory='person'"
Set objRootDSE = Nothing
 
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 600
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute
 
While Not objRecordSet.EOF
	' User Principal Name is the "User Logon Name"
	strUPN = objRecordSet.Fields("userPrincipalName").Value
 
	' User Principal Name is in the format username@domain.com. Grab the first part only.
	strUsername = Split(strUPN, "@")(0)
 
	' SAM Account Name is the "User Logon Name Pre-Windows 2000"
	strSAMAccountName = objRecordSet.Fields("sAMAccountName").Value
 
	' If the first bit of the UPN isn't the same as the SAMAccountName it'll be changed
	If strSAMAccountName <> strUsername Then
		' Connect to the user account in AD
		Set objUser = GetObject("LDAP://" & objRecordSet.Fields("distinguishedName"))
		
		WScript.Echo "Resetting SAMAccountName for " & objUser.Get("name") &_
			" : Old: " strSAMAccountName & " New: " & strUsername
 
		' These lines make and commit the change. Check it does what you want first!
		' objUser.Put "sAMAccountName", strUsername
		' objUser.SetInfo
 
		' Disconnect from the User
		Set objUser = Nothing
	End If
	objRecordSet.MoveNext
Wend
 
objConnection.Close
 
Set objRecordSet = Nothing
Set objCommand = Nothing
Set objConnection = Nothing

Open in new window

Avatar of gdemoura6555
gdemoura6555

ASKER

Hi Chris
I was expecting reply from you. U seem to be Guru in scripting :)
I saved the above script as cs.vbs file and tried from command prompt csript cs.vbs which didnt work. Also I tried to execute it directly but it shows error on line 38 (file attached) . I am not that comfortable with vb scripting. I am also referring to your solution in previous post
https://www.experts-exchange.com/questions/22050926/a-script-to-copy-user-logon-name-pre-windows-2000-to-user-logn-name.html?sfQueryTermInfo=1+2000+copi+from+logon+name+pre+user+window

I have test environment where I can test your script. Also I need to run this script on users in specific OU only. Your help is greatly appreciated

Thanks
CJ
err1.JPG
ASKER CERTIFIED SOLUTION
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of gdemoura6555
gdemoura6555

ASKER

Thanks Chris you rock!
Can you tell me how can I execute it its just report now. How can I check the changes in AD guess I need to change some line which is commented. Also can you send me links or site to refer about windows scripting. Curious to learn abt it. Last but not the least , the script just changes sAMAccountname only nothing else correct?
If possible send me the details of commands used in above script.

Thanks
CJ
Avatar of gdemoura6555
gdemoura6555

ASKER

Hey Champ send few links where I can start learning scripting. Thanks again
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

:)

Correct, it only changes the SAMAccountName. The lines we need are these:

                ' These lines make and commit the change. Check it does what you want first!
                ' objUser.Put "sAMAccountName", strUsername
                ' objUser.SetInfo

Apostrophe is the comment character, we we just need to make them into:

                ' These lines make and commit the change. Check it does what you want first!
                objUser.Put "sAMAccountName", strUsername
                objUser.SetInfo

Which makes it do things.

Verification will just be by clicking on things, provided it doesn't come up with any errors :)

Learning though, I strongly recommend you look into PowerShell rather than VbScript. VbScript can do lots, but PowerShell can do more (Exchange 2007 and Server 2008 all make good use of it). The only downside is it won't work on Windows 2000, so a bit of a disappointment if you need to look after that.

Now learning resources, they're a tricky one for me. I don't really do the whole structured learning thing, I jump right in at the deep end and see if I can swim from there. Fortunately, not everyone has so little discipline, fellow expert and MVP Brandon has a tonne of links in his profile for places to begin:

https://www.experts-exchange.com/M_4238767.html

And you'll need to download it, of course :)

http://www.microsoft.com/windowsserver2003/technologies/management/powershell/default.mspx

I'm still quite happy to explain the script above in detail if you'd like, just let me know. But if you only want it to start learning scripting I'd recommend you don't worry about it.

Incidentally, if it's helpful I can rewrite the script above into PowerShell to give you an idea of it all?

Chris