Hello guys,

When you rename a user account in on a computer that is running Windows 7, the user profile path is not changed automatically. It may cause some confusion when the %SystemDrive%\users folder is viewed, especially when some software use this path.

Because my AD hosts about one thousand users and computers, and because users can log on several computers.

I want to create a script which compare in a csv file that I own (SId, samaccountname) and the list of profile you can see by exploring "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" of each computer.

Then, the idea is to rename the property :ProfileImagePath and of course the user folder with the name (c:\users\test; c:\users\renametest : for example).

Did anybody do that ? 

Thank you for help, guys

Hi,

Why doesn't the directory get renamed automatically? Because for a feature to exist, somebody has to implement it. (Wishful thinking does not cause a feature to spring into existence.)

What have you searched for so far, and with what results?

Bill

Start by scanning users in AD and matching samAccountName with the profile path name if one has been set.  If the profile has not been roamed then you have an issue.  YOU would have to access every users on every computer and match the samName with the folder name.  YOU would also need to look at Group Policy to be sure that it has not redirected any folders.

This is not an easy script to write and test.  Yu do not want to unleash a script on 1000 users that can disconnect them from their configuration

1.  Look for third party tools to accomplish this.
2.  Hire a consultant that knows AD and understands how to accomplish this.
3.  Leave well enough alone.

In the end you should not really be using direct access to the user folders.  If you need to find the current folder then ask the system to tell you the name of the users profile folders.  This is how Windows is designed to work.

If you roam the profile and newly redirect the folders using Group Policy all folders will get fixed by the system.  The un-roamed or local copy of the folder on the work station can be deleted and it will be correctly created with the current user name.  This is an advanced technique and requires that you know how to use Group Policy and also know how to verify that it is working correctly.

I recommend leaving well-enough alone.

Also, how often are you renaming user accounts?  Example at my company this is only done for marriage/divorces and when the initial request was misspelled.  Maybe totals a dozen changes a year with around 2000 users.

if you're talking a handful of users it would be more cost-effective to just have a process/policy to rename the folders as you rename the accounts.  Or for those already renamed, adjust the folder(s) e.g. xcopy the contents over if/when a problem arises.  It would only be worth investing more than a couple hours of time if there is a widespread change such as your company's policy has changed from username=firstinitial.lastname to firstname.lastname or something like that.

Nick has an excellent point.  This needs a very clear and concise policy directive.  The policy should consider and account for all issues that can be discovered.  The policy should drive the mechanism for renaming accounts.

Hi,

Thank you for your answer.

Why ? I could say because I was asked for ! Actually, several Active Directory are concerned.
For a migration purpose, objects have to be renamed to respect compagny naming rules (an object must be unique !)

In an another way too, let see the script as a tool which minimize the daily burden.
"A chaque jour suffit sa peine" I do not know the equivalent in English language.
May be : "Sufficient unto the day is the evil thereof" issued by an automatique translator !

Nevertheless, only some users are concerned (less than one hundred). But it remains a boring work in particular because users log on several PC on the LAN!
Why to do that, in fact ?
Because an crucial application we can't modify/move, fails ; that is why we take care.

Here are main steps, I founded :

0- Create a csv file with 3 columns (SID,oldname,newname) ; extract 2 first property in AD and add the third one
1- Profil list on the concerned PC (only domain SID that computer belong to)
2- For each founded profil read input file (step 0) if matches then modify registry key (profileimagepath) and C:\Users\oldname (explorer) with newname

Step 0 is OK
Step 1 Stuck to extract list of SID I see in the "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList"

I hope that explanation will help about why...

PATMOY

You seem to already know the answer so I wonder why you asked the question.

s long as you factor all elements in correctly for your implementation  then you should be OK.

It is far easier and safer to use a full migration via redirection and roaming.  Once set up users can be moved and renamed as needed.  If this is a one-time thing then it is not necessary.

Currently, I am stuck to extract SID I see in the registry under  ProfileList to a csv file.

I tried get-itemproperty and get-item which gave me property of the key but not the list of SID that I see.

Thank you for your help

So you haven't really tried any of this yet.

As recommended above.  You need to start with a policy statement and a design.

If you are just asking various "how do I?" questions about PowerShell then just open a topic with the specific question.

The instructions on how to get registry information is in the PowerShell help.  How you need to use this depends on how you are writing your script.

Get-ItemProperty cannot be easily used remotely with the registry.

I highly recommend that you just roam the profiles and let the system do the renaming.

This gets the SID List.

(get-itemproperty SOFTWARE\Microsoft\'Windows NT'\CurrentVersion\ProfileList\*).PSChildName

Hi,

Thank you for your advice.

First, I will study this case by considering GPO and will study "registry provider" in powershell in an other hand.

Secondly, may be it will be more suitable manually as the http://support.microsoft.com/kb/245436 explain

because this is not an easy script to do.

Best Regards

That KB article is about disk cluster size and has nothing to do with profiles.

Here's a PowerShell command that outputs the profile paths on the current computer and each profile's associated SID:

Sorry,

This is correct.

Here is the right link :

http://support.microsoft.com/kb/2454362

Thank you for that Powershell command.

PAt

Yes - those are the instructions.  They are mainly targeted at standalone machines as no effort is made to address issues that may result due to Group Policy and roamed profiles.  This will normally be OK but it can be problematic.  I recommend you proceed with caution.

The issues will GP and roaming are why I prefer using GP and roamed profiles to manage user accounts.  If I rename the user I can just delete the local profiles.  The profile will then be copied from the network.  If your users only log on from one machine then this is not necessary although it provides a constant backup of the profile. 

In old times (NT4) roamed profiles were very slow and fragile.  In Windows Vista and later they are extremely fast after the first two or three logins on any machine.  The ones on my networks log in in between 1 and 5 seconds.  Users can log into any machine and have all settings be identical assuming the same software set.  I have been using this on all networks since WS2003 SP1.  It is a tremendous timesaver.  We were able to migrate from WS2003/XP to Windows 2008R2/Win7 almost completely transparently.  Even Outlook migrated as expected showing only a simple I/F to the user asking for two (three?) clicks to complete (no answers required - just click 'OK').  Moving to a second workstation required no user intervention.  If a workstation fails it