I ran into an interesting situation with a partner in Europe. They have a significant customer who had created several thousand users with a unique OU at the time of registration. In looking to do a mass rename with an automated tool, they discovered that something must be done first to update the user ID files to allow mass changes with third party tools.
Of all the tools on the market to perform this rename, nothing would work properly for the rename to happen. As a result, we needed to find a work around. So here is what I discovered.
Organization XYZ creates a certifier for the O called XYZ. The registrar an OU called 123. When the users are created they are associated with the unique OU of abc. So Joe Smith becomes:
Well the OU certifier for abc never was created. So doing a rename you must use the 123 certifier and keep the Unique OU.
If the administrator registers a new OU called abc in the Domino directory. All of the users who have this Unique OU of abc are then recertified (just as when certificates are about to expire) with the newly created OU. This does not change the certificates in the ID files but does then change the expiration date. As a result, the users are now properly associated with a REAL OU certifier and the rename can move forward as an automated process.
What is really cool about this is that the Local ID File is not affected so the user receives no prompts or updates. While this step must be done outside of the third party tool, it can be done on selected documents in the Domino directory by selecting the affected users and then:
Click on Actions, Recertify Selected People, Choosing the new abc certifier and entering it’s password. This updates the person records with new expiration dates and allows the administrator to use the third party tool to do the mass name change.