Change Users' UPNs

chirschi · 8 July 2016 16:13

Is it possible to change the UPN for all AD users in Octopus? We recently had to change our users’ UPNs so we could sync the accounts with Azure, and it appears Octopus identifies user accounts by UPN instead of DOMAIN\Username.

Is this possible to do with some backend script or something? Or will we need to re-add all of our users?

henrik · 11 July 2016 01:43

Hi,

You would need to write a script that retrieves all your users from the API, then for each domain user you’d need to modify their username with the new UPN and then save it using the API (sample C# script using Octopus.Client below).

var octopusServer = "http://url.to.your/octopus";
var apiKey = "API-xxxxxxxxxxxxxxxxxxxxxxxxxx";

var client = new Octopus.Client.OctopusClient(new Octopus.Client.OctopusServerEndpoint(octopusServer, apiKey));
var repo = new Octopus.Client.OctopusRepository(client);

var newUpn = "yournew.upn";
// If you want to update just one user at first, comment out the condition further down inside the loop
var userToUpdate = "TheUserToUpdate";
var users = repo.Users.FindAll();
foreach (var user in users)
{
	if (user.Username.Contains('@'))
	{
		var usernameParts = user.Username.Split('@');
		if (usernameParts.Length == 2
			&& !usernameParts[1].Equals(newUpn, StringComparison.OrdinalIgnoreCase)
			//&& usernameParts[0].Equals(userToUpdate, StringComparison.OrdinalIgnoreCase) //Optionally if you only want to update one user to test with first
		)
		{
			user.Username = $"{usernameParts[0]}@{newUpn}";
			user.Dump();
			repo.Users.Modify(user);
			
			//if(!string.IsNullOrEmpty(userToUpdate)) break; // Un-comment this if you're only updating one user to stop the loop once the user has been updated
		}
		else
		{
			Console.WriteLine($"Skipping user {user.Username}");
		}
	}
}

NOTE You may want to do a test run on a single user at first to ensure it works as expected before updating everyone. Just to be on the safe(er) side.

Thank you and best regards,
Henrik

catan512 · 22 September 2016 14:52

We’re in the same situation

Can we change the usernames right away in the SQL db with a script?
I’d rather do that than write a C# tool
Or is there some business logic preventing direct changes in the database?

henrik · 22 September 2016 23:50

Hi,

No, there is no business logic preventing you to change the usernames directly in the database, we just don’t recommend our customers modify the database directly unless it is absolutely necessary (e.g. what they need to do can’t be done using our API with our provided tools).

Just be careful if you decide to do it using a SQL script (backup your database etc) just in case something goes wrong.

Thanks,
Henrik

catan512 · 23 September 2016 06:41

Thanks Henrik, we’ll backup the db and try 1 user first before updating them all

Octopus_Support · 4 January 2017 06:10

Notice:

This issue has been closed due to inactivity. If you encounter the same or a similar issue and require help, please open a new discussion (if we asked for logs or extra details in this thread, consider including them in the new thread). If you are the creator of this thread and believe it should not be closed let us know via our support email.