One of my customers recently renamed the domain in his network. Unfortunately, he forgot to consider his SharePoint environment and was wondering why the bad SharePoint system was not working after this “small” environmental change. Unfortunately, he also forgot to mention this important structural change to me beforehand (but this is another story).
“The roof… the roof. The roof is on fire” is part of a famous song by the band the Bloodhound Gang. This probably describes exactly what the whole situation looked like.
Fortunately, it did not take me all too much to get SharePoint running again. The first step was to update the SharePoint service accounts and to do a system reboot. After this, the central administration was working again. So far… so good.
Nevertheless, there was still an additional problem. I managed to access the central administration; however, the users did not manage to log in to their TeamSites. After checking the TeamSite I discovered that the permission assignments of these users still showed the old account name references (with the old domain). Therefore, it was necessary to update them to reference the new domain. I found two solutions to do this:
Solution 1: Manual work
- Update the site collection admin in central administration for the site
- Log in with this account on the TeamSite
- Assign the permissions again to each single user. This automatically changes the account references to the new domain name
Solution 2: PowerShell
After the change of two users I was already worried about the time it might take to update all references. Therefore, I wrote a simple PowerShell script that does the job for me. The idea is pretty simple. Let us use the “EnsureUser” method of the web (find more info about this method here) on each single user entry. This makes the same changes and updates the account references for us.
Please note that I executed this script only on one single site collection. You can change it to many site collections without any problems.
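# Load the SharePoint snap-in (no error if it is already loaded)
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
$rootWeb = Get-SPWeb "yoursite"
$oldDomain = "yourOldDomain"
$newDomain = "yourNewDomain"
# Loop through all users in $rootWeb, change the login name and execute the EnsureUser method.
# @(...) takes a snapshot first, so the loop does not walk a collection that EnsureUser may be changing.
foreach ($user in @($rootWeb.Users)) {
    # -replace treats its pattern as a regular expression, so escape the old domain name
    $newLogin = $user.UserLogin -replace ([regex]::Escape($oldDomain)), $newDomain
    $rootWeb.EnsureUser($newLogin)
}
# Release the SPWeb object
$rootWeb.Dispose()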
As usual, before executing such scripts, ensure that you have backed up your system.
It could be that there is a more elegant solution out there that does this job faster; however, in this special case this was my rescue.
Hope this helps,
Patrick
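
The post notes that the script can be changed to cover many site collections. The following is an added example, not the author's script: it walks every site collection of one web application, lists the logins that still reference the old domain, and only calls EnsureUser when asked to. The web application URL, the `-Apply` switch and the report file name are hypothetical placeholders.

```powershell
param(
    [string]$WebApplicationUrl = "http://yourwebapp",   # placeholder, replace with your web application
    [string]$OldDomain = "yourOldDomain",               # same placeholders as in the post
    [string]$NewDomain = "yourNewDomain",
    [switch]$Apply                                      # without -Apply nothing is changed (dry run)
)

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Match the old domain only where it is the domain part of a login:
# at the start ("OLD\user") or after a claims prefix ("i:0#.w|OLD\user").
$pattern     = '(^|\|)' + [regex]::Escape($OldDomain) + '\\'
$replacement = '${1}' + $NewDomain + '\'

$report = foreach ($site in (Get-SPSite -WebApplication $WebApplicationUrl -Limit All)) {
    try {
        $web = $site.RootWeb
        # SiteUsers lists every user known to the site collection.
        # @(...) snapshots it, because EnsureUser adds entries while we loop.
        foreach ($user in @($web.SiteUsers)) {
            if ($user.UserLogin -notmatch $pattern) { continue }
            $newLogin = $user.UserLogin -replace $pattern, $replacement
            $status = "DryRun"
            if ($Apply) {
                try   { [void]$web.EnsureUser($newLogin); $status = "Ensured" }
                catch { $status = "Failed: $($_.Exception.Message)" }
            }
            New-Object PSObject -Property @{
                Site     = $site.Url
                OldLogin = $user.UserLogin
                NewLogin = $newLogin
                Status   = $status
            }
        }
    }
    finally {
        # Disposing the site also releases its RootWeb
        $site.Dispose()
    }
}

# Keep a record of what was (or would be) changed, then print a summary per status
$report | Select-Object Site, OldLogin, NewLogin, Status |
    Export-Csv -Path ".\domain-rename-report.csv" -NoTypeInformation
$report | Group-Object Status | Select-Object Name, Count
```

Run it once without `-Apply` and review the CSV before running it again with `-Apply`; entries marked "Failed" are logins that could not be resolved in the new domain.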


Hi Patrick, Nice solution. Just wondering if there's a way to ensure that the old accounts are deleted.
Also, will all the users' permissions and group memberships remain the same?
Thanks,
Joe
Hi Joe,
Check out this solution provided by another colleague:
http://nikspatel.wordpress.com/2010/08/10/delete-orphaned-ad-users-from-the-site-collection/
br,
patrick