update user name change from AD to sharepoint 2007

edukate
edukate used Ask the Experts™
on
Hi there,
We have changed the user name in AD of a user several months ago but the change hasn't propagated to our sharepoint.. New users are getting updated in sharepoint however
I haven't found any good howto's on this but this looks like it may not be an easy task to perform http://groups.google.com/group/microsoft.public.sharepoint.windowsservices/browse_thread/thread/f2721800a477f800

stsadm.exe -o migrateuser
           -oldlogin <DOMAIN\name>
           -newlogin <DOMAIN\name>
           [-ignoresidhistory]

C:\>stsadm.exe -o migrateuser -oldlogin <...> -newlogin <...> -
ignoresidhistory

Open in new window

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Commented:
I'm assuming you are using MOSS. Did you configure profile imports? Do they succeed?

You can also try:
stsadm -o sync -DeleteOldDatabases 0
stsadm -o sync -IgnoreIsActive 1

This will delete the old MOSS -> WSS profile sync databases and rebuild them at the next interval (default 1 hour).

Commented:
If using MOSS and profile importing, jakirkhan's referenced solution should work on a one by one basis. The stsadm commands I posted above, along with successful profile imports, do a mass update of the UserInfo table.

Author

Commented:
yes its MOSS.
The user is referenced is varoius lists etc so if removing and adding would cause these to be lost would the first solution above get around this?

Commented:
The first solution here wipes out the profile sync databases for all site collections (and all objects within). These are then rebuilt at the next time timer job interval (default 1 hour).

The profile sync databases are what relate the MOSS profiles to the WSS profiles. Sharepoint itself uses the WSS profiles for most items, except the MOSS-specific features.

Author

Commented:
OK so does that mean that either of these solutions above would update the user name / attributes in MOSS but cause the user data within lists etc to be lost?

Commented:
The stsadm command above will not change any permissions or data. It only forces the UserInfo table to rebuild. The actual documents/list items/etc. are not modified. The manually solution does involve removing and re-adding the user for each item.
Minesh ShahSharePoint & all about it
Commented:
Oh Yes, I too have seen this in my org.
Remove that user & Add again (Go to Peaple & Groups > All People (Apprears just below all group names in quick launch)).
I was Trainee whle i entered & now after getting updated my designation, still OLD SITE COLLECTIONS WHERE I HAD ACCESS FROM EARLIER DAYS SHOWS OLD DESIGNATION..
I recon this is recored when we give access & never gets updated.

Commented:
@edukate
Let me rephrase my previous response. The stsadm commands above will force a rebuild of the User Profiles database. The User Profiles database updates the UserInfo table used by WSS. The UserInfo table is what WSS uses to display the name, title, email, etc. I am mentioning WSS specifically since this process does not involve MOSS. Where MOSS comes into play is the profile imports.

Short answer is I believe those commands will give you the desired result without affecting any data, permissions, or anything else. It will just update the fields displayed. Even if it doesn't work, it won't cause any harm since it will just rebuild the database.

@MineSharePoint
That's a somewhat correct conclusion. WSS updates the info on any "active" member on a per-site basis. Meaning when a user makes a change in an object on the site, WSS is supposed to update their profile (including displayed attributes) for the site. It updates the profile using the info from the UserInfo table. When using MOSS and the profile import, this is supposed to be in sync with AD (or other provider(s)). However, sometimes this gets out of sync (especially when renaming a user). The first stsadm command I posted above wipes out the sync database and causes it to rebuild, this grabbing the most recent info to populate the UserInfo. The second stsadm command says to also update "inactive" users, thus causing all sites and site collections to update even if the user doesn't make a change.

Manually removing and adding the user is not necessary. It can work in small organizations, but does not scale. Sharepoint is a portal system that is meant to be scalable to large enterprises.

Author

Commented:
Hey geowrian,
I ran these yesterday
stsadm -o sync -DeleteOldDatabases 0
stsadm -o sync -IgnoreIsActive 1

But it hasn't resolved the problem.. The account still exists the same as before.
If I select the user from a list I must enter origusername. When I view presence info for this all other details show newusername
In AD if I do a search for origusername no results are found so there's nothing left over in AD..
Will try jacurcken's solution unless you know anything else I might try?

Commented:
That's very strange. Just two days ago I was tasked with migrating a standalone install to a new Server 2008 server on a domain, and had to rename many accounts, migrate user data, etc. I had the exact same issue pop up. Once I setup the profile import, ran those commands, and waited an hour, all the usernames/titles/etc. in every sharepoint site collection and site automatically updated, as well as the list results. Before running the commands, it would show the old user's info, but clicking on it showed the update user's info from AD.

Is there anything in the event viewer that indicates an error/warning regarding profile import, database merging, syncing, timers, etc.?

This may sound stupid, but is the web application that is experiencing the issue attached to the correct SSP (the one that does the profile importing)? I'm assuming you are using Windows authentication (either Kerberos, NTLM, or even Basic), correct?

Author

Commented:
jacurcken's solution worked.. Geo - yeap exact same problem as what you describe when clicking on it showed the update user's info from AD..
Thanks for your help guys..

Commented:
Sorry the bulk option didn't work for you - I've seen this issue so many times myself, and know many other people having the same issue. However, the normal, bulk fix didn't work for you. I'm glad you got it worked out - have fun.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial