Changing "display name" does not alter whats shown when searching..
Ok so a co-worker, (whose a programmer but I guess I wont hold that against him ;p)
He created a domain user account by using the ADU&C MMC snapin under his non-admin domain credentials. The user called needing their last name changed, so the co-worker went back in and altered the Last Name and display name fields, hit apply then OK. However when you refresh the OU contents it still displays the old last name.
Then he tells me, I VNC into a DC and double check and sure enough the display name listed after performing a search shows the old last name, but when you view the properties on the account it shows the correct contents.
I have tried altering the CN value under the Attribute Editor tab but when I hit apply I'm given an error:
Operation Failed. Error code: 0x20b1
The attribute cannot be modified because it is owned by the system.
000020B1: UpdErr: DSID-030F0AE8, problem 6004
(CANT_ON_RDN),data 0
So this prompted me to check to see who the Owner is of this account under teh Security tab.. sure enough it's the co-worker. So I change it to the Domain Admin account like the others are but Im given the same error when I try to alter that field again and I cannot change from the account properties box either.
What's going on?
He created a domain user account by using the ADU&C MMC snapin under his non-admin domain credentials. The user called needing their last name changed, so the co-worker went back in and altered the Last Name and display name fields, hit apply then OK. However when you refresh the OU contents it still displays the old last name.
Then he tells me, I VNC into a DC and double check and sure enough the display name listed after performing a search shows the old last name, but when you view the properties on the account it shows the correct contents.
I have tried altering the CN value under the Attribute Editor tab but when I hit apply I'm given an error:
Operation Failed. Error code: 0x20b1
The attribute cannot be modified because it is owned by the system.
000020B1: UpdErr: DSID-030F0AE8, problem 6004
(CANT_ON_RDN),data 0
So this prompted me to check to see who the Owner is of this account under teh Security tab.. sure enough it's the co-worker. So I change it to the Domain Admin account like the others are but Im given the same error when I try to alter that field again and I cannot change from the account properties box either.
What's going on?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
digitap
When I rename AD accounts, I right-click the account and select rename. A wizard will popup then allowing me to change the fields within the account properties.
Just try below
In HKEY_LOCAL_MACHINE\System\
create the following value:
Value name: Allow System Only Change
Data type: REG_DWORD
Value data: 1
I got it from one of the EE post.
In HKEY_LOCAL_MACHINE\System\
create the following value:
Value name: Allow System Only Change
Data type: REG_DWORD
Value data: 1
I got it from one of the EE post.
No need for registry changes, just select 'Rename' as MojoTech mentioned.
This is the proper way to rename a user.
Tony
This is the proper way to rename a user.
Tony
@MojoTech - I had added the comments before refreshing so I didn't realize that I had basically repeated the same directions you provided. Sorry about that...not trying to snipe points.
ASKER
Yeah actually I feel stupid now.. I have seen the Rename function before but it just seemed too easy. But it worked like a champ.