?
Solved

AD Username Change

Posted on 2013-01-30
4
Medium Priority
?
250 Views
Last Modified: 2013-02-01
We just changed one of our AD usernames. Lets say it was originally JSMI and now it's JSMITH. This is an old account, and it once had to be truncated to fit our systems at the time. Now we're correcting that.

We've renamed it, but have an application that uses IE and passes AD authentication via the browser but it tells me it can't find JSMI. See the snippet below of the error.

Message: Failed to connect. User 'JSMI' does not belong to any group that exists in both ADSI and datasource.

Open in new window


We have confirmed all fields in AD reflect JSMITH. We've even used ADSI Edit to go through the account and everything is JSMITH and no longer JSMI. We don't want to delete the account and start over, but instead we want to find a fix for it.

Thank you!
0
Comment
Question by:tpitch-ssemc
  • 2
  • 2
4 Comments
 
LVL 9

Accepted Solution

by:
IntegrityOffice earned 2000 total points
ID: 38837489
PLease confirm how many domain controllers you have and have the changes replicateds and has your application refreshed since you made the name changes or does that need disconnecting from the domain and reconnecting to the domain so that it s search look up groups are not using cached credentials and would then be using the new ones?
0
 
LVL 4

Author Comment

by:tpitch-ssemc
ID: 38837539
We are thinking its a cached credentials situation. We have 2 DCs and yet have since replicated.
0
 
LVL 9

Expert Comment

by:IntegrityOffice
ID: 38837632
Can you force the application server to look at the other DC and thus force a refresh
0
 
LVL 4

Author Closing Comment

by:tpitch-ssemc
ID: 38843675
Still having issue; nothing left to do but delete and readd account. Another tech wishes to continue troubleshooting before deleting account. Just closing this out.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question