Microsoft KB Archive/896593


Article ID: 896593

Article Last Modified on 4/7/2006



APPLIES TO

  • Microsoft Windows SharePoint Services




SYMPTOMS

After you migrate a user from one Active Directory domain to another Active Directory domain, the user experiences one of the following symptoms:

  • The user can no longer access Microsoft Windows SharePoint Services.
  • The user can access Windows SharePoint Services, but the user's settings are no longer the same as they were before the migration.


CAUSE

When a user is migrated in Active Directory, the Security Identifier (SID) changes for the user. Additionally, the logon information for the user might be changed. Windows SharePoint Services and Microsoft SharePoint Portal Server 2003 store user information based on both the user SID and the user logon information. When the user SID or the user logon information changes in Active Directory, Windows SharePoint Services must be updated with the new user information before the user can access Windows SharePoint Services successfully.

RESOLUTION

How to obtain the hotfix

This issue is fixed in the Microsoft Windows SharePoint Services post-Service Pack 1 Hotfix Package that is dated March 29, 2005. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896349 Description of the Windows SharePoint Services post-Service Pack 1 hotfix package: March 29, 2005


API information

The Windows SharePoint Services post-Service Pack 1 hotfix package that is dated March 29, 2005 contains an API that you can use to update Windows SharePoint Services with the migrated user information. The new API is exposed as follows:

  • Namespace: Microsoft.SharePoint.Administration
  • Class: SPGlobalAdmin
  • Method: MigrateUserAccount

Method usage

  /// <summary>
  /// Migrate a WSS user to a new login name.
  /// </summary>
  /// <param name="oldLogin">Old login name</param>
  /// <param name="newLogin">New login name</param>
  /// <param name="enforceSidHistory">If true, Active Directory will be
  /// queried to ensure that the specified old login name is contained
  /// within the new login name's SID history.</param>
  public void MigrateUserAccount(string oldLogin,
                                 string newLogin,
                                 bool enforceSidHistory);

Example

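  using Microsoft.SharePoint.Administration;

  // Remap the WSS records for a migrated account.
  SPGlobalAdmin g = new SPGlobalAdmin();
  string oldLogin = @"DOMAIN\user";    // pre-migration login
  string newLogin = @"DOMAIN\user2";   // post-migration login
  bool enforceSidHistory = true;       // check the new account's SID history

  g.MigrateUserAccount(oldLogin, newLogin, enforceSidHistory);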

Parameters

  • Old login name: Replace this value with the original pre-migration user name of the migrated user. This user name must be in the domain\username format.
  • New login name: Replace this value with the new post-migration user name of the migrated user. This user name must be in the domain\username format.
  • enforceSidHistory: Set this value to True to require that the SID History attribute of the user name that you specified in the New login name value contains the SID of the user name that you specified in the Old login name value. Alternatively, if you do not want the SID History attribute to be verified, set the enforceSidHistory value to False.
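The following is an added example, not part of the original article or of Microsoft's code: a console program that applies MigrateUserAccount to a list of migrated accounts and always passes enforceSidHistory as true, so that a WSS user is remapped only when Active Directory confirms the old login in the new login's SID history. The mapping-file format, the class and helper names, and the assumption that a failed migration surfaces as an exception are illustrative.

```csharp
using System;
using System.IO;
using Microsoft.SharePoint.Administration;

// Added example. Mapping file (hypothetical format): one
// "OLDDOMAIN\user,NEWDOMAIN\user" pair per line; '#' starts a comment line.
class MigrateUsers
{
    // Accept only the domain\username form that MigrateUserAccount requires.
    static bool IsDomainLogin(string login)
    {
        int slash = login.IndexOf('\\');
        return slash > 0 && slash < login.Length - 1
            && login.IndexOf('\\', slash + 1) < 0;
    }

    static int Main(string[] args)
    {
        if (args.Length != 1) { Console.Error.WriteLine("usage: MigrateUsers <mapping-file>"); return 2; }
        SPGlobalAdmin admin = new SPGlobalAdmin();
        int failed = 0;
        using (StreamReader reader = new StreamReader(args[0]))
        {
            string line;
            while ((line = reader.ReadLine()) != null)
            {
                line = line.Trim();
                if (line.Length == 0 || line.StartsWith("#")) continue;
                string[] pair = line.Split(',');
                if (pair.Length != 2 || !IsDomainLogin(pair[0].Trim()) || !IsDomainLogin(pair[1].Trim()))
                {
                    Console.Error.WriteLine("SKIP (expected domain\\user,domain\\user): " + line);
                    failed++;
                    continue;
                }
                try
                {
                    // true: the old login must appear in the new login's SID history.
                    admin.MigrateUserAccount(pair[0].Trim(), pair[1].Trim(), true);
                    Console.WriteLine("OK   " + pair[0].Trim() + " -> " + pair[1].Trim());
                }
                catch (Exception ex)
                {
                    // Assumption: failures are reported as exceptions; log and continue.
                    Console.Error.WriteLine("FAIL " + line + ": " + ex.Message);
                    failed++;
                }
            }
        }
        return failed == 0 ? 0 : 1;
    }
}
```

The program avoids generics and other later C# features so that it compiles against the .NET Framework version that Windows SharePoint Services of this era runs on; a nonzero exit code means at least one line was skipped or failed and should be reviewed.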

Additionally, the following new command is added to the Stsadm.exe command-line tool:

stsadm -o migrateuser -oldlogin DOMAIN\user -newlogin DOMAIN\user [-ignoresidhistory]


If you do not specify the -ignoresidhistory parameter in this command line, the command queries Active Directory for the SID History attribute. This attribute is automatically populated by Microsoft Windows when you migrate a user to another domain.

Error messages

You may receive the following error messages:

  • You receive a "The user does not exist" error message if either of the following conditions is true:
    • The user information that you specify in the new login name value is a domain group.
    • The records have not been updated because the original user logon information or the original user SID was not found in the content database.
  • If the new user account does not have an SID History field, or if none of the SIDs in that field match an SID in the content database, you receive the following error message:

    Cannot complete this action. Please try again

    Note You also receive this error message if the user information that you specify in the old login name value is corrupted.
  • If the user information that you specify in the new login name value is corrupted, you receive the following error message:

    The user or group ' -newlogin argument ' is unknown.


STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

MORE INFORMATION

Important If you want to migrate a user to SharePoint Portal Server 2003 by using the procedure that is described in the following Microsoft Knowledge Base article, you must first migrate the user to Windows SharePoint Services by using the hotfix that is mentioned in this article:

896161 A user can no longer access SharePoint Portal Server 2003 after you migrate that user from one Active Directory domain to another Active Directory domain


