A couple of users had a strange issue in accessing CRM. These users were able to access CRM without having any issues, but had problem in accessing custom pages. At a first look I thought this could be issue with client side settings that are required for Kerberos. When I did some research I found out that these users are initially contractors when the user accounts are created in CRM and they had a different domain logon name. They are assigned with new domain logon names when they became fulltime employees, which is different from the one stored (corresponding to the user) in CRM.
When I tried updating the existing domain logon names in CRM with new logon names I got an error message saying “You are attempting to create a user with a domain logon that is already used by another user. Select another domain logon and try again”.
This is because, logon name for the user is updated in AD (i.e. the user accounts in AD are updated but not created new) and they have same SID (ActiveDirectoryGuid in SystemUserBase matches) even after updating the accounts in AD. So, that is how the system is preventing to change the user name in the CRM.
After spending couple of hours and trying for different options, I finally came up with a solution which is supported and doesn’t impact anything on existing data.
Below are the steps:
- Open Microsoft Dynamics CRM 4.0 as a System Administrator user.
- Click Settings -> Administration -> Users, and then open the user record that you want to change.
- In the Domain Logon Name box, type an Active Directory user account (say a temporary user account), which is not existing as an user in CRM.Note: If all the Active Directory user accounts are used by Microsoft Dynamics CRM 4.0 user records, create a temporary Active Directory user account.
- Click Save.
- On the same user form, now type the current AD user account (new domain logon name which is assigned to user) in the Domain Logon Name box. Then, click Save and Close.
Note: The Active Directory user account that you type in this step is the account that is used by a Microsoft Dynamics CRM 4.0 user record. The Microsoft Dynamics CRM 4.0 user record is the record for which you want to change the user name and the logon name in Microsoft Dynamics CRM 4.0.