Posts Tagged 'stsadm'

Add existing users to Sharepoint in “Active Directory Account Creation Mode”

If you run a WSS 3.0 Farm in the so called Active Directory Account Creation Mode you can not add existing users to your site collection. You are restricted to users that were created in the respective site collection.

To work around this limitation, you can abuse the stsadm utility to publish an existing user into a site collection:

  1. Log in to your portal and create a new user, name it “dummy” with a non-existing E-Mail address like dummy@dummy.local
  2. On your Webserver, start a command prompt and navigate to C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\Bin
  3. From there, run the STSADM utilty:
stsadm.exe -o migrateuser -oldlogin MYDOMAIN\dummy -newlogin MYDOMAIN\myExistingUser -ignoresidhistory

This will replace all Sharepoint-internal references to the dummy user by references your existing user. That way your existing user is visible in the isolated site collection.

Some notes about this techniques:

  • User attributes such as E-Mail, Title, Position, etc will not be updated along with the user SID.
  • If a user called dummy already existed, Sharepoint will create a User like dummy1 instead. I suggest you take a look at the dummy users creation date in Active Directory before issuing the stadm command.
  • Delete the dummy user after the migration.
  • The user references are being updated in the whole Sharepoint Farm.
  • If you dont specify -ignoresidhistory, the SID histories of both users will be compared for matches. And if there are no matches, the operation will fail.