How to change login name of user in Active Directory

Question

I want to change in my .NET application login of user from Active Directory.

I'm changing it in this way now:

DirectoryEntry userToUpdate = updatedUser.GetDirectoryEntry();  
userToUpdate.Properties["sAMAccountName"].Value = user.NewLogin;  
userToUpdate.CommitChanges();  

But it doesn't work as I expect. When I'm checking in AD "Active Directory Users and Computers" entry for this user then on tab "account" I see that:
- "User logon name" property isn't updated
- "User logon name (pre-Windows 2000)" property is correcly updated.

How to update correctly login name in AD from C# code? What property should I set in DirectoryEntry, or there is another method to change login name.

Answer 1

There are two logon names in AD:

sAMAccountName    = User logon name, (pre-windows 2000) 
    Format/Usage: domain\user.name (note, your code will only populate user.name)

userPrincipalName = User logon name
    Format/Usage: [email protected]

You need to update both.

Answer 2

Try userPrincipalName instead of sAMAccountName.