Solved

Active Directory Security Principal name is incorrect after Account Re-name

Posted on 2013-06-12
8
1,275 Views
Last Modified: 2013-11-10
Hello
We have a user who was added to Active Directory and their name was mis-spelled initially when they were set up (i.e. Shaun and should have been Sean)

We have renamed the account in Active Directory and this shows correctly on all tabs and windows but when i try to add full access permissions to a mailbox in Exchange and pick this user the Security Principal name displays the old name (Shaun) and the permissions don't work.

My question is, is there any way i can easily change the Security Principal name in Active Directory?
0
Comment
Question by:Dave Robinson
8 Comments
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 39240567
Try this. in ADUC, right click the displayed account (which I think will still show Shaun), and select Rename.
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39240569
As you have rename the user it will take time to update the same in exchange wait for sometime and then check.
0
 
LVL 2

Author Comment

by:Dave Robinson
ID: 39241023
Hello,
LeeDerbyshire - i have checked and all options in AD have been renamed.

Sandeshdubey - This was done a few days ago, there would be no way that Exchange would take this long to update from AD.

Thanks
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 39241811
Before I posted that, as a test, I renamed a test account here. I noticed that even though I'd changed everything on the individual ADUC tabs, the name shown in the listing (and the Add Full Permission dialog) did not change until I right-clicked the relevant line in the account list, and chose 'Rename' from there.
0
 
LVL 2

Accepted Solution

by:
Dave Robinson earned 0 total points
ID: 39244037
Hi LeeDerbyshire,
I have tried this today and i am not getting any further i'm afraid.
I may try and restart the server.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 39244074
I would try creating a test account, and see if the same thing happens with that. If so, you could try playing with ADSI Edit, to see if you can find and change the value in the test account without breaking it. It's potentially dangerous territory, though, which is why I suggest doing it with a test account.
0
 
LVL 1

Expert Comment

by:Matsco
ID: 39333324
Has anyone been able to get a resolution to this?

The only way I know of doing this would be to delete the user, keeping the mailbox, create a new AD user and then re-connect back the mailbox to the new user created.

But is there a way of renaming just the Security Principal name without getting into ADSI Edit
0
 
LVL 2

Author Closing Comment

by:Dave Robinson
ID: 39636700
Restarted the Server and this updated the record.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question