Using STSADM -o migrateuser on a re-created account

I see this come up quite a bit and thought I would show you how to work around the problem.  I thought I had show this on my old blog a couple of years ago, but can’t seem to find it.

Scenario

A user in your organization is deleted, and re-created using the same domain and sAMAccountName.  This may have been because of an accident, or a previous employee who left your organization and was then rehired. 

For example, my account in the NA domain with a sAMAccountName of krichie (NA\krichie).   The account was deleted and re-created with the same sAMAccountName (NA\krichie)

Because SharePoint stores SID information with the user in it’s tables, the account will no longer work until you either

1) Remove the user completely and re-add, or

2) Use the STSADM -o migrateuser command

The problem, is that if you try to use -o migrateuser such as:

STSADM -o migrateuser -oldlogin na\krichie -newlogin na\krichie -ignoresidhistory

The command will fail reporting “Cannot complete this action…Please try again”

Cause

This is because the -oldlogin and -newlogin arguments are the same.  As far as stsadm -o migrateuser is concerned, there is nothing to migrate.

Solution

The solution is to migrate the user to a temporary account and then back from the temporary account to the new account with the same name such as:

STSADM -o migrateuser -oldlogin na\krichie -newlogin na\temporaryaccount -ignoresidhistory

STSADM -o migrateuser -oldlogin na\temporaryaccount -newlogin na\krichie -ignoresidhistory

MigrateUser will then see that the accounts are different and allow the operation to be performed.  You then just run again from the temporary account to the new re-created account and your good to go.

HTH

– Keith