Solved

Login problems with  AD useraccounts when the username contains special characters

Posted on 2014-11-27
3
555 Views
Last Modified: 2014-11-28
Hi,

We encounter login problems with  AD user-accounts when the username contains special characters like é or ü ......users cannot login! Hope someone has a solution because the 1500 user-account are imported!

Thanks!

Kind regards,
Dave
0
Comment
Question by:graphitbv
  • 2
3 Comments
 
LVL 29

Expert Comment

by:becraig
ID: 40468689
Please see the Microsoft link below:
http://support.microsoft.com/kb/938447

The diacritic mark is not supported for user names (AD should have just change the diacritic to the normal letter), however you may try to have the user sign in without it:
e.g
stéinr  could probably login as steinr
0
 

Expert Comment

by:Pinpindesbois
ID: 40468869
Maybe i have a solution.

Go to powershell with AD module write this command:
Get-ADUser -filter * -Searchbase 'OU=your1500users,DC=contoso,DC=com' | ? {$_.sAMAccountname -cmatch'[é ü ]'}  | Select sAMaccountname | Export-csv -path C:\username.csv -NTI

Open in new window


Then go to your csv, copy the column A ( ctrl+c ,on excel). Replace every é by e, ü by u (CTRL+F -> replace -> search é and replace with E...) on the column A . Rename A1 by samaccountname1.
Then paste the original A column on B. Save your CSV.

Then execute this powershell script:

Import-Csv C:\username.csv | foreach {
$samoriginal = $($_.samaccountname)
$samnew = $($_.samaccountname1)
$samnew1 = $samnew + "1"
Set-ADUser -identity $samoriginal -samaccountname $samnew1 -UserPrincipalName "$($samnew1)@contoso.com"
Set-ADUser -identity $samoriginal -samaccountname $samnew -UserPrincipalName "$($samnew)@contoso.com"
}

Open in new window


This code will change the sam account name and UPN.
I don't know if it works. If an expert understood what i mean, can you correct me?
0
 
LVL 29

Accepted Solution

by:
becraig earned 500 total points
ID: 40468882
The rename of the Sam account may be a possible direction however it seems the user imports have already happened ?

If so then as per Microsoft:
The German umlaut characters are interpreted to be the same as their base characters. For example, the "ü" character is interpreted to be the same as the "u" character. When this problem occurs, a user who is named "Muller" cannot be created if a user who is named "Müller" already exists. Similarly, a user who is named "Meissner" cannot be created if a user who is named "Meißner" already exists.

As such I would have users test with both the English and German versions of the name to be sure the AD did not simply replace the diacritic mark with the English version e.g: ü  with u

I would probably run a quick check against the list of users I have:

e.g:

gc userlist.txt | % {get-aduser $_}

This would help to see if the users were actually inserted to match your input file, we could add more filters, but I would at least verify the presence in the AD before making any changes.
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question