Applying the policy to new accounts or to existing accounts is easy enough.
My question pertains more to the idea of including home directories and other back-end portions of the infrastructure that don't have a visible user impact. *ASB *(Professional Bio <http://about.me/Andrew.S.Baker/bio>) *Harnessing the Advantages of Technology for the SMB market... * On Fri, Apr 22, 2011 at 11:09 AM, <[email protected]> wrote: > > We are not an Exchange shop. (We are currently a Domino/Notes shop. I've > learned the hard way how painful name changes are there!) > > We had two locations which began independently merge. The current business > model calls for complete standardization across all locations. One location > had account names "FirstNameFirstInitialOfLastName" (ie, "richardm"), and > one location was FirstInitialOfFirstNameLastName (ie, rmcclary). > > Those of us in the trenches would prefer to have the policies apply to new > accounts only. So, the reason for posting this was, first, hoping some > folks would point out some of the issues I may have missed in my original > posting in order avoid a user denied services because an old account name > existed somewhere. We are also wanting to have as complete a list as > possible in order to determine the resources required to make these changes > company-wide. > > Thanks! > -- > richard > > > > *"Andrew S. Baker" <[email protected]>* > > 04/20/2011 10:44 PM > Please respond to > "NT System Admin Issues" <[email protected]> > > To > "NT System Admin Issues" <[email protected]> > Press this button if the "To" is a fax number. Enter in the fax number > like 123-456-7890. > cc > Subject > Re: Changing [most] login names in Active Directory > > > > > Richard, what is the business driver for the secondary parts of this > request? > > The name change is fine, but what is the benefit of changing all the other > parts? Are you using Exchange? Are the aesthetics going to be changed there > as well? > > -ASB: *http://about.me/Andrew.S.Baker* <http://about.me/Andrew.S.Baker> > > Sent from my Motorola Droid > > On Apr 20, 2011 2:17 PM, > <*[email protected]*<[email protected]>> > wrote: > > Greetings! > > > > Our company (around 500 or so people) is considering changing the login > > names for possibly all our users. For example, I may be changed from > > logging in as "richardm" to "richardm01", etc. > > > > Being changed from one login name to another is just one field in Active > > Directory Users and Computers (ADUC). However... > > > > 1. For housekeeping purposes, we would like to have the name of the home > > directory for each user to match the new login name. This gets > > complicated as, if the folder is its own share (ie, ".\richardm$"), then > > the folder would first need to be un-shared. Then it could be re-named > > and re-shared. Then it's back to ADUC to change the path for the share > > and perhaps the roaming profile (if it is not inside the user's home > > directory). > > > > 2. We know of at least two applications (help desk system and telephone > > user client) which authenticate using AD. So, the administration client > > for whatever applications we can remember would need to be used to make > > the name changes, one-at-a-time. > > > > So, I've been told to ask the forum: > > > > 1. Has anyone else done a mass login-name-rename, company wide? We have > > done it on an individual basis, but not company-wide. > > > > 2. For local profiles... should we consider changing those as well (for > > housekeeping purposes)? I believe that would involve renaming the folder > > in "Documents and Setting" and also adding the path in ADUC. (That field > > is most likely blank for users currently with no roaming profile). Once > > the profile folder is re-names, would permissions change as well (and > then > > need to be changed)? Thing is here, if we do not do this correctly, then > > the user logs in and no longer has their desktop icons, their "My > > Documents" folder, and most user settings are back to the default. > > Administrators would then need to have that person log out, then copy the > > > contents of the old profile folder into the new profile folder and adjust > > > the permissions. Example, they rename my ".\richardm\" profile folder > > gets renamed ".\richardm01". In my experience, there's a worse than even > > chance that when I log in, I'll not have my docs and settings. An > > administrator will look at the file system and see that, besides the > > ".\richardm01" folder, there is a new ".\richardm01.001" folder. > > > > > > 3. If so, were issues other than those mentioned? > > > > Thank you... > > -- > > Richard D. McClary > > Jr Infrastructure Architect, Information Technology Group > > ASPCA® > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
