domain change

95 pts.
Tags:
User accounts
I have a sql 2005 server that supports a 3rd party app. Users connect with win/sql authentication, the 3rd party app then has an interface to add the users to the database. In sql logins you see mydomainmyname. In the users in the database you only see myname. We are converting domains, which means I need to script out all logins and users. The trick is now the login will be newdomainamemyname. The usernames in the database could stay the same but would be mapped to the old logins. At the login level I know how to script them all out and then do a quick replace with the new domain name. The trick is the users and either scripting them out out making sure when the logins go back in that they are mapped to the correct users. Any ideas on how to handle this? Thanks

Answer Wiki

Thanks. We'll let you know when a new response is added.

There’s no need to change our the login names for the new domain name.  The name which is displayed there is only so that you can read it.  SQL Server actually tracks logins by the SID which it gets from Active Directory.

As long as you are either doing a domain rename, or you are using the Account Migration tool (if you aren’t just renaming the AD domain) you shouldn’t need to do anything as all the SIDs will match already.

If you are building a new domain, and you aren’t going to migrate the users with the same SIDs then you’ll need to create new logins and new users as the SIDs between the logins and the users won’t match.  You’ll need to script out the existing users so that you capture database role membership and permissions then delete them and recreate them using the new login names.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • tcstl
    Problem is the 3rd party app also stores info in a table, domain/username, not the SID.  So I have to make some changes,  I was wondering if I can use the sp to fix logins for the windows accounts
    95 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following