I was recently asked how the samAccountName – also referred to as the login id – could be changed.
First lets look at an account:
PS C:\Scripts> Get-ADUser -Identity 'FredFox'
DistinguishedName : CN=FOX Fred,OU=UserAccounts,DC=Manticore,DC=org
Enabled : True
GivenName :
Name : FOX Fred
ObjectClass : user
ObjectGUID : db5a3975-980d-4749-b9c0-48aff9217b2a
SamAccountName : FredFox
SID : S-1-5-21-759617655-3516038109-1479587680-1314
Surname :
UserPrincipalName : FredFox@manticore.org
Once you’ve confirmed you have the correct account then pipe it into Set-ADUser and use the –samAccountName parameter:
PS C:\Scripts> Get-ADUser -Identity 'FredFox' | Set-ADUser -SamAccountName 'foxfred' -PassThru
DistinguishedName : CN=FOX Fred,OU=UserAccounts,DC=Manticore,DC=org
Enabled : True
GivenName :
Name : FOX Fred
ObjectClass : user
ObjectGUID : db5a3975-980d-4749-b9c0-48aff9217b2a
SamAccountName : foxfred
SID : S-1-5-21-759617655-3516038109-1479587680-1314
Surname :
UserPrincipalName : FredFox@manticore.org
I used the –Passthru parameter so the new account details are shown. Note that the User Principal Name (UPN) isn’t changed. Use the –UserPrincipalName parameter as well if you need to change the UPN at the same time