Manually changing a Monitored Employee's Windows Logon name fails.


Article ID: 100046076


Description

Error Message

Error when attempting to manually change the Windows username field contents:

This employee is already present, under the name 'user1'

Error when attempting to first synchronize the Monitored Employee after changing its AD account login name:

Could not find ev\user4, the user may have been deleted.  Name translation: Could
not find the name or insufficient right to see name. (Exception from HRESULT:
0x80072116)

 

Cause

CA allows the manual creation of non-mail enabled Monitored Employee accounts in the Employees tab so they can be granted role assignments. The manual creation process allows for the manual entry of information such as First Name, Last Name, Display Name, Email Address and Windows Login name, with the Windows Login name specifying the AD account for the user.

The process of creating a Monitored Employee with a reference to an AD account causes the account's SID to be obtained from AD and entered into the database along with the login information.  Changing the AD account's login and then changing that login information in the Monitored Employee's properties causes AD to be accessed again to obtain and verify the SID, which is found to already exist in CA under the original login.  This causes the account update processing to fail as the entry already exists in CA.

 

Resolution

Prior to changing an AD account's User logon name and User logon name (Pre-Windows 2000) for a CA Monitored Employee that is not synchronized with AD:
1. Enable the synchronize option for the Monitored Employee in CA.
2. Synchronize the Monitored Employee.
3. When that synchronization has completed, change the account's User logon name and User logon name (Pre-Windows 2000) in AD.
4. Synchronize the Monitored Employee in CA again.
5. When the new user login name appears in the Monitored Employee's properties, remove the option to synchronize the account.

If the above steps are not followed, attempting to revert the Monitored Employee's AD user name and then synchronizing the account will throw a different error, stating that the account could not be found and may have been deleted, or that the account used to synchronize with AD does not have sufficient permissions. To resolve this, contact Veritas Support Services for assistance.

Issue/Introduction

Changing an Active Directory (AD) account's User logon name and User logon name (Pre-Windows 2000) entries and then attempting to manually change the contents of the Windows username field in the properties of a non-synchronized Compliance Accelerator (CA) Monitored Employee fails.