User can't log into Mac after name change on Active Directory

Oct 4, 2014
I was just hired by a company to perform desktop support for both Mac and PC laptops and desktops. The Macs, depending on age and legacy requirements, are running either 10.6.8, 10.7.4 or 10.9.5. They are all bound, and authentication is performed via Windows AD. Contractors are distinguished from company employees by having the number 1 put in front of their login names. When contractors are hired as employees, the user name is changed by removing the 1. I don't know whether or not the sys admin group is creating a new account, or simply changing the name of the existing account, though I suspect it may be the latter.

The PCs take the change in stride with no login issues using the new name. The Macs, however, do not accept the changed name. I've been told they've tried blowing out the local account and/or rebinding the machine, but neither solution has worked. As crazy busy as my new shop is, they haven't had a lot of time to tackle the problem, so they've simply been re-imaging the Mac desktops every time a name change occurs. My thinking is they may be just changing the name on the AD account, and when the new name doesn't jive with the old SID/name combo on the Mac, it just doesn't let them in.

Anyone have a proper procedure, short of re-imaging, to get the Macs to accept the AD account name change?
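A small diagnostic, added here and not part of the original post, for testing the "same SID, stale cached name" hypothesis before re-imaging: it compares the SID held in the Mac's cached local (mobile) account record against the SID AD returns for the new short name. It takes dscl-style "Key: value" text as input so the comparison runs anywhere; the attribute names `RecordName` and `SMBSID`, the dscl commands in the comments, and the sample records are assumptions, not taken from the post.

```shell
#!/bin/sh
# Tell "AD account renamed" (same SID, cached name is stale) from "new AD account"
# (different SID). On a bound Mac the two inputs would come from, for example:
#   dscl . -read /Users/<oldname>                                       (local cache)
#   dscl "/Active Directory/DOMAIN/All Domains" -read /Users/<newname>  (AD record)
# Attribute names below are what I expect dscl to print; treat them as assumptions.

dscl_attr() {   # $1 = attribute name; record text on stdin; prints the value
    awk -v key="$1:" '$1 == key { sub(/^[^:]*: */, ""); print; exit }'
}

# Exit status: 0 = same SID (rename; the local cache still carries the old name),
#              1 = different SID (a new account was created), 2 = SMBSID missing.
check_sid_match() {   # $1 = local record text, $2 = AD record text
    local_sid=$(printf '%s\n' "$1" | dscl_attr SMBSID)
    ad_sid=$(printf '%s\n' "$2" | dscl_attr SMBSID)
    local_name=$(printf '%s\n' "$1" | dscl_attr RecordName)
    ad_name=$(printf '%s\n' "$2" | dscl_attr RecordName)
    if [ -z "$local_sid" ] || [ -z "$ad_sid" ]; then
        echo "SMBSID missing from one of the records" >&2
        return 2
    fi
    if [ "$local_sid" = "$ad_sid" ]; then
        echo "same SID: AD account '$ad_name' was renamed; cached '$local_name' is stale"
        return 0
    fi
    echo "different SID: '$ad_name' is a new AD account, not a rename of '$local_name'"
    return 1
}

# Constructed sample records with placeholder SIDs (not real values).
LOCAL_REC='RecordName: 1jsmith
SMBSID: S-1-5-21-1111-2222-3333-1001
OriginalNodeName: /Active Directory/EXAMPLE/All Domains'
AD_RENAMED='RecordName: jsmith
SMBSID: S-1-5-21-1111-2222-3333-1001'
AD_NEW='RecordName: jsmith
SMBSID: S-1-5-21-1111-2222-3333-2002'

check_sid_match "$LOCAL_REC" "$AD_RENAMED"
check_sid_match "$LOCAL_REC" "$AD_NEW" || true
```

A "same SID" result points at the cached local record, not the binding, as the thing that has to be updated; a "different SID" result means the old local account really is orphaned.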

