ALTER LOGIN after Windows user or group name has been changed

If a Windows AD group or user has been renamed, and if that group or user was granted access to SQL Server in the past, then you can use ALTER LOGIN to rename the login inside of SQL Server:

ALTER LOGIN [myDomain\oldName] WITH NAME = [myDomain\newName]

It is not necessary to adjust user names in SQL Server databases that this login has access to, but you may want to do it just for consistency. Here is the command to do that:

ALTER USER [myDomain\oldName] WITH NAME = [myDomain\newName]

Note that renaming an AD user or group does not change its SID. You can check an AD user or group’s SID with psgetsid, part of the very handy Sysinternal tool suite.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.