Samba: Renaming a User

This document describes how to rename a user account on Samba

Situation Definition

When a user leaves an organization some times we want to simply rename their user for the new accout.

This allows the new user to still use the same profile and other configurations that the previous use did. Think of the scenario where there is a need for a unique username; but a role and terminal with high-turnover - such as reception.

If we were continusly creating new accounts each one would need to have their Windows local-system profile configure. That takes an unfortunate amount of time.

Roaming profiles, if they were present could help the situation. However, roaming profiles come with their own set of issues and may not be implemented. This is a situation where simply renaming the user would save loads of time.

Unfortunately, the Samba tools do not come with a rename utility. The solution will be different between using TDB or LDAP back-end.

Renaming Unix User

For smaller installations this will likely be the solution to use.

Firstly we have to rename the user in our UNIX password database. In these examples the "old" username will be alan and the new username will be bill.

First locate the existing UNIX user for Alan, make note of the UID, GID and home directory path.

getent passwd alan
alan:x:1101:100::/home/alan:/bin/bash
groups alan
jessica : users, lp, front

Remove Alan and add Bill with duplicated settings. Then rename the the home directory.

userdel alan
useradd --comment "Bill Bass"  --home /home/bill --gid 100 -M -u 1101
[ -d /home/alan ] && mv /home/alan /home/bill

One could also directly edit the /etc/passwd files if so desired.

Rename the Samba User

This is operation is similar to above. Collect information about the old user, delete them and then add the new user.

pdbedit -Lv alan
Unix username:        alan
NT username:          
Account Flags:        [U          ]
User SID:             S-1-5-21-296291111-2001118112-231110123-3202
Primary Group SID:    S-1-5-21-296291111-2001118112-231110123-513
Full Name:            Alan Ardvark
Home Directory:       \\smb01\users\alan
HomeDir Drive:        u:
Logon Script:         
Profile Path:         
Domain:               BIG_CO
Account desc:         
Workstations:         
Munged dial:          
Logon time:           0
Logoff time:          never
Kickoff time:         never
Password last set:    Tue, 10 Jan 2010 18:11:42 PST
Password can change:  Tue, 10 Jan 2010 18:11:42 PST
Password must change: never
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

Take paticular note of the SID, this is critical!

Delete Alan and add Bill

pdbedit -x alan
pdbedit -u bill -U S-1-5-21-296291111-2001118112-231110123-3202

If there was an existing home directory (such as defined above) then that would need to be renamed.