We are not an Exchange shop. (We are currently a Domino/Notes shop. I've learned the hard way how painful name changes are there!)
We had two locations which began independently merge. The current business model calls for complete standardization across all locations. One location had account names "FirstNameFirstInitialOfLastName" (ie, "richardm"), and one location was FirstInitialOfFirstNameLastName (ie, rmcclary). Those of us in the trenches would prefer to have the policies apply to new accounts only. So, the reason for posting this was, first, hoping some folks would point out some of the issues I may have missed in my original posting in order avoid a user denied services because an old account name existed somewhere. We are also wanting to have as complete a list as possible in order to determine the resources required to make these changes company-wide. Thanks! -- richard "Andrew S. Baker" <[email protected]> 04/20/2011 10:44 PM Please respond to "NT System Admin Issues" <[email protected]> To "NT System Admin Issues" <[email protected]> Press this button if the "To" is a fax number. Enter in the fax number like 123-456-7890. cc Subject Re: Changing [most] login names in Active Directory Richard, what is the business driver for the secondary parts of this request? The name change is fine, but what is the benefit of changing all the other parts? Are you using Exchange? Are the aesthetics going to be changed there as well? -ASB: http://about.me/Andrew.S.Baker Sent from my Motorola Droid On Apr 20, 2011 2:17 PM, <[email protected]> wrote: > Greetings! > > Our company (around 500 or so people) is considering changing the login > names for possibly all our users. For example, I may be changed from > logging in as "richardm" to "richardm01", etc. > > Being changed from one login name to another is just one field in Active > Directory Users and Computers (ADUC). However... > > 1. For housekeeping purposes, we would like to have the name of the home > directory for each user to match the new login name. This gets > complicated as, if the folder is its own share (ie, ".\richardm$"), then > the folder would first need to be un-shared. Then it could be re-named > and re-shared. Then it's back to ADUC to change the path for the share > and perhaps the roaming profile (if it is not inside the user's home > directory). > > 2. We know of at least two applications (help desk system and telephone > user client) which authenticate using AD. So, the administration client > for whatever applications we can remember would need to be used to make > the name changes, one-at-a-time. > > So, I've been told to ask the forum: > > 1. Has anyone else done a mass login-name-rename, company wide? We have > done it on an individual basis, but not company-wide. > > 2. For local profiles... should we consider changing those as well (for > housekeeping purposes)? I believe that would involve renaming the folder > in "Documents and Setting" and also adding the path in ADUC. (That field > is most likely blank for users currently with no roaming profile). Once > the profile folder is re-names, would permissions change as well (and then > need to be changed)? Thing is here, if we do not do this correctly, then > the user logs in and no longer has their desktop icons, their "My > Documents" folder, and most user settings are back to the default. > Administrators would then need to have that person log out, then copy the > contents of the old profile folder into the new profile folder and adjust > the permissions. Example, they rename my ".\richardm\" profile folder > gets renamed ".\richardm01". In my experience, there's a worse than even > chance that when I log in, I'll not have my docs and settings. An > administrator will look at the file system and see that, besides the > ".\richardm01" folder, there is a new ".\richardm01.001" folder. > > > 3. If so, were issues other than those mentioned? > > Thank you... > -- > Richard D. McClary > Jr Infrastructure Architect, Information Technology Group > ASPCA® > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
