Username won't change in AD

First off... I am running Server 2008 and Exchange 2010.
I have a user who needed their last name changed. I changed it in Exchange and AD. The email address is correct with the new name and the logon account and username are correct with the new name.

However, when on a file server, I try to add that user's permissions on a folder, it keeps showing up with the old name. I go into the Security of the folder, add the user and it shows the new name. Then, I go back into the properties of the folder, and the old name appears again.

What gives? How can I change this?
lenivanAsked:
Who is Participating?
 
Darius GhassemConnect With a Mentor Commented:
How do you know AD is still on there?

Run dcpromo /forceremoval on the failed DC
0
 
xDUCKxCommented:
In ADUC right click the account and choose "rename."  It sounds like the display name isn't changed, but the login credentials and everything else is.
0
 
Darius GhassemCommented:
A reboot is going to be required to fully update if I remember right. Might just a total log off and log on but I think it might be a reboot
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
However, when on a file server, I try to add that user's permissions on a folder - How many DC\GC do you have ... i guess it more of a replication delay will clear off in sometime

- Rancy
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
You can always check the logon server on the file server and check if that DC has the changes made to the AD account :)

- Rancy
0
 
lenivanAuthor Commented:
The account was already renamed correctly and all account records use the new username.
I have rebooted the file server and even gave it 48 hours to update. The issue remains.

In the security tab of the properties window of a folder, I enter the user's new name and click "check names." The correct (new) name appears. When I click "ok" to accept, the old name is used.

That's where I'm stuck. Also, when the user logs on to a workstation using their new name, it still loads the profile from the old name.
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Take a dump of users attributes and see whats the mess with ...

Get-Mailbox "UserName" |fl
Get-User "Username" |fl
Get-recipient "UserName" |fl

- Rancy
0
 
lenivanAuthor Commented:
Rancy,
I ran a dump as you suggested and nothing there points to the old name. I believe I've been able to narrow the problem down to this 1 particular file server. Every other server seems to accept the new name without issue.

How do I force replicate to a file server?
0
 
Darius GhassemCommented:
Reboot the file server this will update all security settings.
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
is this just a file server ?
Which server is the logon ?
Is it in Domain or work group ?

Replication can be forced between DC's not files server :(

- Rancy
0
 
lenivanAuthor Commented:
I think I'm getting closer to the source of the issue.
This used to be a DC years back, but has since been downgraded to a file server. It seems to have AD still installed on it even though it's not listed anywhere in the Server Roles.

How do I remove this installation of AD if it's not listed under roles or in add/remove progs?
0
 
Darius GhassemCommented:
Run metadata cleanup on AD to make sure this server is removed

http://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
WOW .... that some news !!

try with metadata cleanup as details shared above :)

- Rancy
0
 
lenivanAuthor Commented:
The metadata was cleaned a long time ago. I just went through the steps to confirm and all is correct. There is no trace of that file server as a domain controller anywhere. And yet, AD is still, for some reason, on there.
0
 
lenivanAuthor Commented:
I've run dcpromo /forceremoval and can confirm that this server is no longer a DC, but Active Directory still remains on it.
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
If the force removal was successful how can AD still remain and how do you know about it ?

- Rancy
0
 
lenivanAuthor Commented:
AD still remains because it is listed in my Program Files under
C:\WINDOWS\system32\dsa.msc
and I can still open it.
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Its a Support tool :)

I can even install these on a XP and work ... that wouldnt mean its a DC\GC ?

- Rancy
0
 
theras2000Commented:
When you open dsa.msc, right-click on the top item 'Active Dir. Users & Comps.' and go to 'Change Domain Controller'.  That lets you see which DC you're looking at and which others are available.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.