How to create fake users in SharePoint with real names
While migration system and its data to SharePoint application there was a task to save logs of change from old system data. Some authors of changes have already retired - some of them are disabled in Active Directory, others – deleted at all.
In logs of change in SharePoint list items we needed to save real name of author of change. But if this account is disabled or deleted in AD, author of change in this list item was "Sharepoint\System". And there was no compromise for a customer. I have to say that our customer was very fastidious but may be it’s not very bad.
Authors of change in the old system were saved as text field in SQL-table. SharePoint uses profiles information for saving information about who the author of creation or change was. So in SharePoint it’s a complex field based on account name. There are some methods for class SPUser – LoginName, Name, Email and etc. Developers better know it. So SharePoint User is not only fullname or login – it’s a complex (class) of properties.
If a user at least once logged to SharePoint site, SharePoint remember him. But what to do if there’s no user any more?
I thought about two solutions. First – unlock disabled users in AD and create deleted accounts, enter them to SharePoint, migrate data and after that lock and delete users. But our AD-administrator wasn’t delighted with this idea. Only in the worst case.
The second way was to find how to trick SharePoint. All of MicroSoft software have security issues. I don’t think SharePoint is exception.
I created local users on server with SharePoint and set them password. If you have a lot of users, this command line will help you:
net user UserName "PassWord" /add
You may run this command from console (cmd) or from powershell.
But when I log to SharePoint site with SP10\UserName SharePoint knows only login name. And it’s all the same whether there is information about user in Windows Prfole or not. SharePoint knows only login but not the name.
In web interface I didn’t find where I can update information. One remark – this data goes not from user profiles. These properties are the same as peoplepicker tool use. And this tools doesn’t allow to choose locked, disabled and deleted users from AD.
To update information about newly created fake user there’s a command Set-SPUser in SharePoint console.
Set-SPUser –Identity "servername\login" –Web http://server[:port]/-DisplayName "fullname"
For example, after command
Set-SPUser -Identity sp10\UserName -Web https://sp10 -DisplayName "User For Tests"
I’ve got this name for my user
After work of migration tool, logs of changes in SharePoint list items were with correct authors. Of course there’s empty information about these users, but if these users already don’t work with a system it’s not very important.
So if you have few users for similar task you may run command one by one. In another case you can generate commands to *.ps1 file (each command from new line) and execute them.
Hey there I am so happy I found your weblog, I really found you by accident,
while I was researching on Bing for something else, Nonetheless I am here now and would just like to say many thanks for a incredible post
and a all round interesting blog (I also love the theme/design), I don’t have time to look over it all
at the moment but I have book-marked it and also added in
your RSS feeds, so when I have time I will be back to read a lot more, Please do keep up
the great job.
Comment by Russia car Crash — March 30, 2014 @ 4:08 am
I wonder what connections between SharePoint administration and accidents 🙂 Accidents are very bad and sad things, I don’t know normal people who like to see accidents. But also I know that in Russia a lot of people provoke accidents because of their boorishness.
I’m glad to have readers of my blog.
Comment by admin — March 30, 2014 @ 5:21 pm