You can rename user accounts in Active Directory in several ways. You can use AD graphical snap-ins, command-line tools, or PowerShell cmdlets.
How to Rename an Active Directory User with Active Directory Console?
The easiest and most intuitive way to rename an AD user is to use the Active Directory Users and Computers snap-in (ADUC).
- Open the ADUC console by running the dsa.msc command;
- Enable the following option in the top menu: View > Advanced Features;
- Use an Active Directory search to find the user you want to rename (or expand the Active Directory OU where the user locate manually);
- Open the user properties and go to the Object tab. The user’s full name is specified in the Canonical name of object field. This is the name that is displayed in the ADUC console and other Windows and AD tools;
- To rename a user, right-click on it and select Rename;
- In the window that opens, you can change the Full Name (Canonical name of object), First name, Last name, Display Name, as well as userPrincipalName and userlogonname (samAccountName/ pre-Windows 2000) attributes;
- Specify a new user name and save changes.
You can also rename a user by manually editing the appropriate attributes on the Attribute Editor tab in the user’s properties.
How to Rename an Active Directory User with PowerShell?
You can use cmdlets from the PowerShell Active Directory module module to rename a user in AD. The base cmdlets are Rename-ADObject and Set-ADUser.
- Rename-ADObject — allows you to change the values of the attributes: cn, distinguishedName, name;
- Set-ADUser — allows you to change samAccountName, UPN, given name, surname, and other names of a user.
If you want to rename a user using Rename-ADObject, you must specify its DistinguishedName. For example:
Rename-ADObject –identity “CN=Olivia Williams,OU=Users,OU=California,OU=USA,DC=theitbros,DC=com” -NewName "Olivia Jones"
Hint. You can add the PowerShell whatIf parameter to a command to get information about the operation that the command will perform.
To make the command easier, you can get the user’s identity by name or samAccountName with the Get-ADUser cmdlet:
Get-Aduser O.Williams | Rename-ADObject -NewName "Olivia Jones"
You can use the Set-ADUser command to rename names in other user attributes.
List the available attributes and their values:
Get-ADUser o.Williams | fl *name*
You can change other user settings with the Set-ADUser cmdlet. For example:
Get-ADUser o.Williams | Set-ADUser –displayname “Olivia Jones” –SamAccountName o.jones –Surname “Jones”
You can use the dsmove.exe command-line tool to rename a user. This syntax is used:
dsmove "<UserDN>" -newname "<NewUserName>"
For example, let’s change Olivia’s last name:
dsmove.exe "CN=Olivia Williams,CN=Users,DC=theitbros,DC=com" -NewName "Olivia Jones"