Mass Username Change-How do I do it?

[Guest Dalton, Randall P.]

We have about 350 end users on our Windows Server 2003 network. All clients

are XP SP2. Our present username format is first initial, middle initial,

lastname. Is there a way to change that format to firstname.lastname? I

don't want to have to change all of them manually.

 

 

Thanks,

 

Randy

[Guest Richard Mueller [MVP]]

Re: Mass Username Change-How do I do it?

 

Randy wrote:

> We have about 350 end users on our Windows Server 2003 network. All

> clients are XP SP2. Our present username format is first initial, middle

> initial, lastname. Is there a way to change that format to

> firstname.lastname? I don't want to have to change all of them manually.

 

It can be done with a VBScript program. Perhaps several command line tools

could be used as well. The first thing is to clarify what is to be changed.

Is it the "Common Name", the NT Name (also called the "Windows 2000 logon

name"), or the display name?

 

The Common Name must be unique in the container/OU. You must rename the

object to change it. The NT Name must be unique in the domain. It can be

modified directly. Also, are the first name and last name fields in ADUC

filled in? Otherwise, we need some source for the value of firstname.

 

Assuming you are changing the NT Names and that the first name and last name

fields are filled in, a VBScript program to modify all users in AD

(including Administrator, Guest, etc.) could use ADO to retrieve the values

for all users, then bind to each user object and modify. For example:

================

Option Explicit

Dim adoCommand, adoConnection, strBase, strFilter, strAttributes

Dim objRootDSE, strDNSDomain, strQuery, adoRecordset, strDN

Dim objUser, strFirst, strLast

 

' Setup ADO objects.

Set adoCommand = CreateObject("ADODB.Command")

Set adoConnection = CreateObject("ADODB.Connection")

adoConnection.Provider = "ADsDSOObject"

adoConnection.Open "Active Directory Provider"

adoCommand.ActiveConnection = adoConnection

 

' Search entire Active Directory domain.

Set objRootDSE = GetObject("LDAP://RootDSE")

strDNSDomain = objRootDSE.Get("defaultNamingContext")

strBase = "<LDAP://" & strDNSDomain & ">"

 

' Filter on all user objects.

strFilter = "(&(objectCategory=person)(objectClass=user))"

 

' Comma delimited list of attribute values to retrieve.

strAttributes = "distinguishedName,givenName,sn"

 

' Construct the LDAP syntax query.

strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

adoCommand.CommandText = strQuery

adoCommand.Properties("Page Size") = 100

adoCommand.Properties("Timeout") = 30

adoCommand.Properties("Cache Results") = False

 

' Run the query.

Set adoRecordset = adoCommand.Execute

 

' Enumerate the resulting recordset.

Do Until adoRecordset.EOF

' Retrieve values.

strDN = adoRecordset.Fields("distinguishedName").Value

strFirst = adoRecordset.Fields("givenName").Value & ""

strLast = adoRecordset.Fields("sn").Value & ""

' Skip users with either first or last name missing.

' This will probably skip all built-in user accounts.

If (strFirst <> "") And (strLast <> "") Then

' Bind to user object.

Set objUser = GetObject("LDAP://" & strDN)

' Assign new NT name (pre-Windows 2000 logon name).

objUser.sAMAccountName = strFirst & "." & strLast

' Save changes. Trap error in case this is a duplicate name.

On Error Resume Next

objUser.SetInfo

If (Err.Number <> 0) Then

On Error GoTo 0

Wscript.Echo "User " & objUser.sAMAccountName _

& " cannot be renamed " & strFirst & "." & strLast

End If

' Restore normal error handling.

On Error GoTo 0

End If

' Move to the next record in the recordset.

adoRecordset.MoveNext

Loop

 

' Clean up.

adoRecordset.Close

adoConnection.Close

===========

This script could be limited to a specified OU by modifying the base of the

query. For example, to run the script just for the the users in

"ou=TestOU,dc=MyDomain,dc=com":

 

strBase = "<LDAP://ou=TestOU,dc=MyDomain,dc=com>"

 

For more one using ADO in VBScript programs see this link:

 

http://www.rlmueller.net/ADOSearchTips.htm

 

--

Richard Mueller

Microsoft MVP Scripting and ADSI

Hilltop Lab - http://www.rlmueller.net

--

[Guest Dalton, Randall P.]

Re: Mass Username Change-How do I do it?

 

Thanks Richard. That is quite a response.

 

What I am looking to change is the users login name (SAM account name) Will

the script you provided do that?

 

Thanks,

 

Randy

 

"Richard Mueller [MVP]" <rlmueller-nospam@ameritech.nospam.net> wrote in

message news:%23tHDcDU%23HHA.4732@TK2MSFTNGP04.phx.gbl...

> Randy wrote:

>

>> We have about 350 end users on our Windows Server 2003 network. All

>> clients are XP SP2. Our present username format is first initial, middle

>> initial, lastname. Is there a way to change that format to

>> firstname.lastname? I don't want to have to change all of them manually.

>

> It can be done with a VBScript program. Perhaps several command line tools

> could be used as well. The first thing is to clarify what is to be

> changed. Is it the "Common Name", the NT Name (also called the "Windows

> 2000 logon name"), or the display name?

>

> The Common Name must be unique in the container/OU. You must rename the

> object to change it. The NT Name must be unique in the domain. It can be

> modified directly. Also, are the first name and last name fields in ADUC

> filled in? Otherwise, we need some source for the value of firstname.

>

> Assuming you are changing the NT Names and that the first name and last

> name fields are filled in, a VBScript program to modify all users in AD

> (including Administrator, Guest, etc.) could use ADO to retrieve the

> values for all users, then bind to each user object and modify. For

> example:

> ================

> Option Explicit

> Dim adoCommand, adoConnection, strBase, strFilter, strAttributes

> Dim objRootDSE, strDNSDomain, strQuery, adoRecordset, strDN

> Dim objUser, strFirst, strLast

>

> ' Setup ADO objects.

> Set adoCommand = CreateObject("ADODB.Command")

> Set adoConnection = CreateObject("ADODB.Connection")

> adoConnection.Provider = "ADsDSOObject"

> adoConnection.Open "Active Directory Provider"

> adoCommand.ActiveConnection = adoConnection

>

> ' Search entire Active Directory domain.

> Set objRootDSE = GetObject("LDAP://RootDSE")

> strDNSDomain = objRootDSE.Get("defaultNamingContext")

> strBase = "<LDAP://" & strDNSDomain & ">"

>

> ' Filter on all user objects.

> strFilter = "(&(objectCategory=person)(objectClass=user))"

>

> ' Comma delimited list of attribute values to retrieve.

> strAttributes = "distinguishedName,givenName,sn"

>

> ' Construct the LDAP syntax query.

> strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

> adoCommand.CommandText = strQuery

> adoCommand.Properties("Page Size") = 100

> adoCommand.Properties("Timeout") = 30

> adoCommand.Properties("Cache Results") = False

>

> ' Run the query.

> Set adoRecordset = adoCommand.Execute

>

> ' Enumerate the resulting recordset.

> Do Until adoRecordset.EOF

> ' Retrieve values.

> strDN = adoRecordset.Fields("distinguishedName").Value

> strFirst = adoRecordset.Fields("givenName").Value & ""

> strLast = adoRecordset.Fields("sn").Value & ""

> ' Skip users with either first or last name missing.

> ' This will probably skip all built-in user accounts.

> If (strFirst <> "") And (strLast <> "") Then

> ' Bind to user object.

> Set objUser = GetObject("LDAP://" & strDN)

> ' Assign new NT name (pre-Windows 2000 logon name).

> objUser.sAMAccountName = strFirst & "." & strLast

> ' Save changes. Trap error in case this is a duplicate name.

> On Error Resume Next

> objUser.SetInfo

> If (Err.Number <> 0) Then

> On Error GoTo 0

> Wscript.Echo "User " & objUser.sAMAccountName _

> & " cannot be renamed " & strFirst & "." & strLast

> End If

> ' Restore normal error handling.

> On Error GoTo 0

> End If

> ' Move to the next record in the recordset.

> adoRecordset.MoveNext

> Loop

>

> ' Clean up.

> adoRecordset.Close

> adoConnection.Close

> ===========

> This script could be limited to a specified OU by modifying the base of

> the query. For example, to run the script just for the the users in

> "ou=TestOU,dc=MyDomain,dc=com":

>

> strBase = "<LDAP://ou=TestOU,dc=MyDomain,dc=com>"

>

> For more one using ADO in VBScript programs see this link:

>

> http://www.rlmueller.net/ADOSearchTips.htm

>

> --

> Richard Mueller

> Microsoft MVP Scripting and ADSI

> Hilltop Lab - http://www.rlmueller.net

> --

>

>

[Guest Richard Mueller [MVP]]

Re: Mass Username Change-How do I do it?

 

Yes. The line that assigns a new value for login name is:

 

objUser.sAMAccountName = strFirst & "." & strLast

 

The value of strFirst comes from the "givenName" attribute. The value of

strLast comes from the "sn" attribute. These attributes correspond to the

fields labeled "First name" and "Last name" on the "General" tab of ADUC. If

these fields are not populated you need some other source for the values.

 

--

Richard Mueller

Microsoft MVP Scripting and ADSI

Hilltop Lab - http://www.rlmueller.net

--

 

"Dalton, Randall P." <RPDalton@bibb.net.com> wrote in message

news:45F0B345-BB25-4F9B-A38D-DBC8F0B3E3B7@microsoft.com...

> Thanks Richard. That is quite a response.

>

> What I am looking to change is the users login name (SAM account name)

> Will the script you provided do that?

>

> Thanks,

>

> Randy

>

> "Richard Mueller [MVP]" <rlmueller-nospam@ameritech.nospam.net> wrote in

> message news:%23tHDcDU%23HHA.4732@TK2MSFTNGP04.phx.gbl...

>> Randy wrote:

>>

>>> We have about 350 end users on our Windows Server 2003 network. All

>>> clients are XP SP2. Our present username format is first initial,

>>> middle initial, lastname. Is there a way to change that format to

>>> firstname.lastname? I don't want to have to change all of them

>>> manually.

>>

>> It can be done with a VBScript program. Perhaps several command line

>> tools could be used as well. The first thing is to clarify what is to be

>> changed. Is it the "Common Name", the NT Name (also called the "Windows

>> 2000 logon name"), or the display name?

>>

>> The Common Name must be unique in the container/OU. You must rename the

>> object to change it. The NT Name must be unique in the domain. It can be

>> modified directly. Also, are the first name and last name fields in ADUC

>> filled in? Otherwise, we need some source for the value of firstname.

>>

>> Assuming you are changing the NT Names and that the first name and last

>> name fields are filled in, a VBScript program to modify all users in AD

>> (including Administrator, Guest, etc.) could use ADO to retrieve the

>> values for all users, then bind to each user object and modify. For

>> example:

>> ================

>> Option Explicit

>> Dim adoCommand, adoConnection, strBase, strFilter, strAttributes

>> Dim objRootDSE, strDNSDomain, strQuery, adoRecordset, strDN

>> Dim objUser, strFirst, strLast

>>

>> ' Setup ADO objects.

>> Set adoCommand = CreateObject("ADODB.Command")

>> Set adoConnection = CreateObject("ADODB.Connection")

>> adoConnection.Provider = "ADsDSOObject"

>> adoConnection.Open "Active Directory Provider"

>> adoCommand.ActiveConnection = adoConnection

>>

>> ' Search entire Active Directory domain.

>> Set objRootDSE = GetObject("LDAP://RootDSE")

>> strDNSDomain = objRootDSE.Get("defaultNamingContext")

>> strBase = "<LDAP://" & strDNSDomain & ">"

>>

>> ' Filter on all user objects.

>> strFilter = "(&(objectCategory=person)(objectClass=user))"

>>

>> ' Comma delimited list of attribute values to retrieve.

>> strAttributes = "distinguishedName,givenName,sn"

>>

>> ' Construct the LDAP syntax query.

>> strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

>> adoCommand.CommandText = strQuery

>> adoCommand.Properties("Page Size") = 100

>> adoCommand.Properties("Timeout") = 30

>> adoCommand.Properties("Cache Results") = False

>>

>> ' Run the query.

>> Set adoRecordset = adoCommand.Execute

>>

>> ' Enumerate the resulting recordset.

>> Do Until adoRecordset.EOF

>> ' Retrieve values.

>> strDN = adoRecordset.Fields("distinguishedName").Value

>> strFirst = adoRecordset.Fields("givenName").Value & ""

>> strLast = adoRecordset.Fields("sn").Value & ""

>> ' Skip users with either first or last name missing.

>> ' This will probably skip all built-in user accounts.

>> If (strFirst <> "") And (strLast <> "") Then

>> ' Bind to user object.

>> Set objUser = GetObject("LDAP://" & strDN)

>> ' Assign new NT name (pre-Windows 2000 logon name).

>> objUser.sAMAccountName = strFirst & "." & strLast

>> ' Save changes. Trap error in case this is a duplicate name.

>> On Error Resume Next

>> objUser.SetInfo

>> If (Err.Number <> 0) Then

>> On Error GoTo 0

>> Wscript.Echo "User " & objUser.sAMAccountName _

>> & " cannot be renamed " & strFirst & "." & strLast

>> End If

>> ' Restore normal error handling.

>> On Error GoTo 0

>> End If

>> ' Move to the next record in the recordset.

>> adoRecordset.MoveNext

>> Loop

>>

>> ' Clean up.

>> adoRecordset.Close

>> adoConnection.Close

>> ===========

>> This script could be limited to a specified OU by modifying the base of

>> the query. For example, to run the script just for the the users in

>> "ou=TestOU,dc=MyDomain,dc=com":

>>

>> strBase = "<LDAP://ou=TestOU,dc=MyDomain,dc=com>"

>>

>> For more one using ADO in VBScript programs see this link:

>>

>> http://www.rlmueller.net/ADOSearchTips.htm

>>

>> --

>> Richard Mueller

>> Microsoft MVP Scripting and ADSI

>> Hilltop Lab - http://www.rlmueller.net

>> --

>>

>>

>