[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


After domain rename, user logon points to old domain

Posted on 2012-08-16
Medium Priority
1 Endorsement
Last Modified: 2012-08-24
I just completed a successful domain rename.  However, I just noticed that most all of the users AD account's logon name still point to the old domain.  In other words, if you view the properties of a users AD account, the user logon name is username@olddomain. I can manually click the drop down arrow and choose the new domain, however, there are about 500 user accounts that need to be changed.

How can I change this property for all accounts at one time?

Question by:A.V.
  • 2
  • 2
LVL 39

Accepted Solution

Krzysztof Pytko earned 2000 total points
ID: 38303636
You can simply use for that MS DS Tools. On a DC in command-line type

to prepare users list
dsquery user -samid * -limit 0 | dsget user -samid | find /v "dsget" | find /v "samid" >>c:\users.txt

Open in new window

and now, you can simply update users
for /f %i in (c:\users.txt) do dsquery user -samid %i | dsmod user -upn %i@NewDNSDomainName -c

Open in new window

example new UPN %i@testenv.local

and UPN will be changed


Author Comment

ID: 38313898
Thanks so much for your help..
When I run this command
for /f %i in (c:\users.txt) do dsquery user -samid %i | dsmod user -upn %i@NewDNSDomainName -c
I get an error stating -c is an unknown parameter...any ideas why?
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 38315406
No problem, you're welcome :)

strange -c means continue if any error found. Try to skip that -c and check if it would work for you :)


Author Closing Comment

ID: 38330631
This worked perfectly.  Thanks!

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question