Link to home
Start Free TrialLog in
Avatar of Bladey001
Bladey001Flag for United Kingdom of Great Britain and Northern Ireland

asked on

Bulk username change

Dear Experts,

In AD our user logon names are firstname.surname@company.com and our Pre-Windows 2000 logon name are Company\FirstinitialSurname

We need to change all our Pre-Windows 2000 logon names to firstname.surname

What's the easiest way to do this for all users? (Hundreds of users in multiple OUs) Also what implications are there for instance on Exchange and file server folder permissions?
ASKER CERTIFIED SOLUTION
Avatar of Mahesh
Mahesh
Flag of India image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of footech
footech
Flag of United States of America image
Using PowerShell and the MS AD cmdlets.
Import-Module ActiveDirectory
Get-ADUser -filter * | ForEach {
   $newsam = ("$($_.givenname).$($_.surname)").ToLower()
   Write-Output "Changing $($_.samaccountname) to $newsam"
   Set-ADUser _.samaccountname -SamAccountName $newsam -whatif
}

Open in new window

Comment out or remove the Write-Output line if you don't want any feedback, and remove the -whatif parameter from Set-ADUser to run for real.  With the -whatif parameter in place, no changes will be made.

Neither Exchange or folder permissions should be affected.  Folder permissions in particular are referenced by the account's SID which doesn't change.  You may want to ask the question in the Exchange topic area for a more definitive answer regarding that, as Exchange isn't my strongest area, but I don't see it being an issue as renaming a user is a common task.