{"id":646,"date":"2012-08-30T22:10:40","date_gmt":"2012-08-30T21:10:40","guid":{"rendered":"http:\/\/www.darrencoupland.com\/blog\/?p=646"},"modified":"2012-08-30T22:10:40","modified_gmt":"2012-08-30T21:10:40","slug":"updating-an-ax-users-sid-when-theyve-been-accidently-deleted-from-active-directory","status":"publish","type":"post","link":"https:\/\/www.darrencoupland.com\/blog\/2012\/08\/updating-an-ax-users-sid-when-theyve-been-accidently-deleted-from-active-directory\/","title":{"rendered":"Updating an AX users SID when they&#8217;ve been accidently deleted from Active Directory"},"content":{"rendered":"<p>If you ever find an AX user&#8217;s account has been accidently deleted from Active Directory then is recreated with the same user name but they cannot access AX this is because they now have a new Active Directory SID that doesn&#8217;t match the SID against their user in AX.<\/p>\n<p>This can be resolved by updating their SID in AX with the newly recreated user&#8217;s SID.<\/p>\n<p>&nbsp;<\/p>\n<p>The Problem:<\/p>\n<p>&#8220;User1&#8221; was deleted in Active Directory, it was established that &#8220;User1&#8221; shouldn&#8217;t have been deleted, so &#8220;User1&#8221; was recreated. \u00a0Unfortunately &#8220;User1&#8221; couldn&#8217;t access AX though, they were receiving an Access Denied message.<\/p>\n<p>Resolution:<\/p>\n<p>First of all run the following powershell script (replace &#8220;User1&#8221; with your user) to find their SID<\/p>\n<pre class=\"brush: powershell; gutter: true\">$AdObj = New-Object System.Security.Principal.NTAccount(&#039;User1&#039;)\n$strSID = $AdObj.Translate([System.Security.Principal.SecurityIdentifier])\n$strSID.Value<\/pre>\n<p>&nbsp;<\/p>\n<p>As you can see their SID is returned as S-1-5-21-1214440339-1788223648-682003330-48397<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-647\" title=\"Find a Users SID in Active Directory \" src=\"http:\/\/www.darrencoupland.com\/blog\/wp-content\/uploads\/2012\/08\/FindUsersADSID.jpg\" alt=\"\" width=\"609\" height=\"245\" srcset=\"https:\/\/www.darrencoupland.com\/blog\/wp-content\/uploads\/2012\/08\/FindUsersADSID.jpg 609w, https:\/\/www.darrencoupland.com\/blog\/wp-content\/uploads\/2012\/08\/FindUsersADSID-300x120.jpg 300w, https:\/\/www.darrencoupland.com\/blog\/wp-content\/uploads\/2012\/08\/FindUsersADSID-500x201.jpg 500w\" sizes=\"auto, (max-width: 609px) 100vw, 609px\" \/><\/p>\n<p>&nbsp;<\/p>\n<p>Using the SID returned by the Powershell script run the following SQL Script (replacing the \u00a0Database Name, SID and ID with yours) to update the newly created login&#8217;s SID<\/p>\n<pre class=\"brush: sql; gutter: true\">UPDATE [MY_DAX09_DATABASE].[dbo].[USERINFO]\nSET SID = &#039;S-1-5-21-1214440339-1788223648-682003330-48397&#039;\nWHERE ID = &#039;User1&#039;<\/pre>\n<p>Note: ID is not usually the same as the users AD login name, in this example it happens to be. \u00a0Doing a simple select statement on the [UserInfo] table will establish the users ID that you need to use in the above SQL Statement.<\/p>\n<p>&#8220;User1&#8221; will now be able to access AX again.<\/p>\n<!-- AddThis Advanced Settings generic via filter on the_content --><!-- AddThis Share Buttons generic via filter on the_content -->","protected":false},"excerpt":{"rendered":"<p>If you ever find an AX user&#8217;s account has been accidently deleted from Active Directory then is recreated with the same user name but they cannot access AX this is because they now have a new Active Directory SID that doesn&#8217;t match the SID against their user in AX. This can be resolved by updating [&hellip;]<!-- AddThis Advanced Settings generic via filter on get_the_excerpt --><!-- AddThis Share Buttons generic via filter on get_the_excerpt --><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[3],"tags":[29,8,59,25,28],"class_list":["post-646","post","type-post","status-publish","format-standard","hentry","category-dynamics-ax-2009","tag-administration","tag-ax2009","tag-dynamics-ax-2009","tag-scripts","tag-t-sql"],"_links":{"self":[{"href":"https:\/\/www.darrencoupland.com\/blog\/wp-json\/wp\/v2\/posts\/646","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.darrencoupland.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darrencoupland.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darrencoupland.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darrencoupland.com\/blog\/wp-json\/wp\/v2\/comments?post=646"}],"version-history":[{"count":3,"href":"https:\/\/www.darrencoupland.com\/blog\/wp-json\/wp\/v2\/posts\/646\/revisions"}],"predecessor-version":[{"id":661,"href":"https:\/\/www.darrencoupland.com\/blog\/wp-json\/wp\/v2\/posts\/646\/revisions\/661"}],"wp:attachment":[{"href":"https:\/\/www.darrencoupland.com\/blog\/wp-json\/wp\/v2\/media?parent=646"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darrencoupland.com\/blog\/wp-json\/wp\/v2\/categories?post=646"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darrencoupland.com\/blog\/wp-json\/wp\/v2\/tags?post=646"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}