Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 909
  • Last Modified:

Login problems with AD useraccounts when the username contains special characters

Hi,

We encounter login problems with  AD user-accounts when the username contains special characters like é or ü ......users cannot login! Hope someone has a solution because the 1500 user-account are imported!

Thanks!

Kind regards,
Dave
0
graphitbv
Asked:
graphitbv
  • 2
1 Solution
 
becraigCommented:
Please see the Microsoft link below:
http://support.microsoft.com/kb/938447

The diacritic mark is not supported for user names (AD should have just change the diacritic to the normal letter), however you may try to have the user sign in without it:
e.g
stéinr  could probably login as steinr
0
 
PinpindesboisCommented:
Maybe i have a solution.

Go to powershell with AD module write this command:
Get-ADUser -filter * -Searchbase 'OU=your1500users,DC=contoso,DC=com' | ? {$_.sAMAccountname -cmatch'[é ü ]'}  | Select sAMaccountname | Export-csv -path C:\username.csv -NTI

Open in new window


Then go to your csv, copy the column A ( ctrl+c ,on excel). Replace every é by e, ü by u (CTRL+F -> replace -> search é and replace with E...) on the column A . Rename A1 by samaccountname1.
Then paste the original A column on B. Save your CSV.

Then execute this powershell script:

Import-Csv C:\username.csv | foreach {
$samoriginal = $($_.samaccountname)
$samnew = $($_.samaccountname1)
$samnew1 = $samnew + "1"
Set-ADUser -identity $samoriginal -samaccountname $samnew1 -UserPrincipalName "$($samnew1)@contoso.com"
Set-ADUser -identity $samoriginal -samaccountname $samnew -UserPrincipalName "$($samnew)@contoso.com"
}

Open in new window


This code will change the sam account name and UPN.
I don't know if it works. If an expert understood what i mean, can you correct me?
0
 
becraigCommented:
The rename of the Sam account may be a possible direction however it seems the user imports have already happened ?

If so then as per Microsoft:
The German umlaut characters are interpreted to be the same as their base characters. For example, the "ü" character is interpreted to be the same as the "u" character. When this problem occurs, a user who is named "Muller" cannot be created if a user who is named "Müller" already exists. Similarly, a user who is named "Meissner" cannot be created if a user who is named "Meißner" already exists.

As such I would have users test with both the English and German versions of the name to be sure the AD did not simply replace the diacritic mark with the English version e.g: ü  with u

I would probably run a quick check against the list of users I have:

e.g:

gc userlist.txt | % {get-aduser $_}

This would help to see if the users were actually inserted to match your input file, we could add more filters, but I would at least verify the presence in the AD before making any changes.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now