Help

AD Account Rename + Mobile Accounts

kburns
New Contributor III

Posted on ‎02-27-2018 08:19 PM

Back story:

The information security team in my organization is currently working towards standardizing the naming scheme of some 4000+ Active Directory accounts. This means changing the login ID of those 4000+ accounts.

The problem:

Our Macs are bound to AD, and our users are logging into the Macs with AD/Mobile accounts.

The question:

On the Windows side of things, we've seen no issues with these changes so far through our testing. The users were able to log in using the new user ID without any issues.

The Macs, on the other hand, are giving us some issues. We're able to log into the mobile account, but anything that requires obtaining a kerberos ticket seeems to fail.

Has anyone had to go through a process like this in the past, and if so, what method did you use to accomplish this process with no hands-on work required for each device?

Thanks!

Labels:
0 Kudos
Reply
4 REPLIES 4

EdLuo
Contributor II

Posted on ‎02-28-2018 05:52 AM

Take a look here...
https://www.jamf.com/jamf-nation/discussions/22037/active-directory-username-change

0 Kudos
Reply

kburns
New Contributor III

Posted on ‎02-28-2018 08:21 PM

Thanks @EdLuo! This looks perfect for needing to move users 1 by 1, but with several hundred Mac users in our environment, I'm not sure that this will work for us. @rtrouton's script does look promising though. I think I may be able to modify it to fit our automated needs with a bit of work.

0 Kudos
Reply

gmillercmsd12
New Contributor

Posted on ‎08-13-2018 02:54 PM

@kburns where you able to modify the script from @rtrouton to work on OS10.12 or higher? We are looking for the same need, but I have not had any luck with the script producing the appropriate prompts. Any info would be appreciated.

0 Kudos
Reply

raphhyyy
New Contributor III

Posted on ‎04-22-2020 03:43 PM

I'd like to tag on @gmillercmsd12 comment for @kburns if there's any update by a chance?

0 Kudos
Reply