Managing Organization Hierarchy in SharePoint 2007 MySites

Recently, I was saddled with the responsibility of making some changes to the Organization Hierarchy in SharePoint 2007 MySites.

I got a request to remove a former employee of a client of mine user details from the organisational hierarchy in SharePoint 2007 MySites.

To understand how Organization Hierarchy in SharePoint  MySites is populated you need to read all about it in  here - http://www.gk.id.au/2009/07/sharepoint-my-site-managing-user.html

This post is only going to solve issues you might have when removing users from the hierarchy.

I noticed the following, after I looked at the request;

  • User does not exists in Active User Profile repository
  • Users mysite site collection does not exists
  • User account not disabled in AD

The issues above even made it more complicated until I looked alittle closer to the User Profiles and Properites>View User Profiles with the SSP.
See this page  http://[ssp admin url]/ssp/admin/_layouts/ProfMain.aspx

Click View User Profiles and on the resulting page. You either search for the user of use the drop down "Active Profiles" and switch to  "Profiles Missing from Import".

Once you find the user, select edit and make changes to the Manager properties in there.

That actually solves the problem.


searchsspsettings.aspx HTTP 403 Forbidden

I was getting an HTTP 403 Forbidden error when I clicked on the SSP Search Settings.
Also when I clicked on the Content Sources, I was getting the same error.

After a bit of digging around, Event Logs, IIS logs I finally found a reference to the Windows Task folder.

I then found this from googling this error. I hope it helps


HOWTO: Creating a Unique ID in a SharePoint List

Today, I needed to create a unique ID for items in a SharePoint list.
I need to have a Unique ID containing Alpha-numeric characters for each item employing the ID of the item.
I wanted the Unique ID to look like CE[ID] where CE is the text string and ID is the item ID.


  1. Create a column, give it a name (say MembersID)
  2. Select "Calculated" and enter the following formula


HOWTO: Calculate difference between two dates, including the dates themselves

Recently, I got an email from a client who I have created a Database for using SharePoint Lists.
They had a requirement to find the number of days an event took including the actual start dates and end dates.

So using the Calculated Column, you can create a column as follows
=DATEDIF([Start Date], [End Date],"d").
But this calculation will give you 1 day less the actual number of days.

Modify the calculated column as follows
=DATEDIF(([Start Date]-1), [End Date],"d")
That caters for the difference in days, when you use the initial solution.

Hope this helps someone.


FBA and the Microsoft Office System

This is an article that tends to describe the interaction of Forms Based Authentication in MOSS 2007 and how it affects the functionality of Microsoft Office products.

What is FBA?
FBA is the Forms Based Authentication solution that provides an authentication method for users who need to authenticate against your SharePoint site using web forms as input method and data store as credentials store.
There are different FBA solutions available to the .Net Framework. Some of these solutions make use of SQL Server as the source for the user credentials, Windows Live IDs, XML, SharePoint lists and many more.

Implementing FBA in SharePoint
Implementing FBA in SharePoint takes different approaches depending on the solution you adopt. There are many third party tools and open source files that you can obtain from the internet which you can use to implement FBA on your SharePoint site. I will not use this medium to describe how to implement FBA but instead I will add below URL of sites where you can get help.

  1.  http://splistmp.codeplex.com/releases/view/7001
  2.  https://www.nothingbutsharepoint.com/sites/itpro/Pages/Configuring-Forms-Based-Authentication.aspx
  3.  http://donalconlon.wordpress.com/2010/02/23/configuring-forms-base-authentication-for-sharepoint-2010-using-iis7/
  4.  http://cks.codeplex.com/releases/view/17901
  5.  http://www.shetabtech.com/english/SharePointLiveAuth/default.aspx
  6.  http://sp2010claimsfbaexs.codeplex.com/
  7.  http://www.codeproject.com/Articles/19055/Form-Authentication-for-MOSS-2007-Site

From all the above you can configure your SharePoint Farm to use FBA for authentication.

Using FBA in SharePoint
Using FBA in SharePoint has its limitations compared with Windows authentication.  Generally, users who have Active Directory accounts can use their accounts to log on to Windows and the same credentials will also be used to authenticate against any SharePoint site that uses windows authentication. But using FBA means you will be presented with web forms – login page whenever you visit the SharePoint site in which you then input your login credentials in the form of a “username” and a “password”.
This method heavily depends on the ASP.NET 2.0 provider, relevant skills in web development, configuration of .NET, IIS and SharePoint.

Functionality Issues of using FBA with Microsoft Office Products
When you configure a SharePoint Web Application to use FBA, during the configuration the “Enable Client Integration Box” is cleared by default. This means most Microsoft Office integration is disabled.
  1. Support for remote interfaces is turned off such as WebDav, SOAP, RPC (remote procedure calls), Web Folders and Web services.
  2. Functionality items are turned off, Open in Outlook, Explorer View, Create an Access View, Open in Windows Explorer, Export to Spreadsheet and open in Datasheet view also New Document is not available.
  3. Upload multiple pictures, Edit picture, download picture and send to are all disabled.
  4. Edit in Word, Excel, PowerPoint are disabled, Connect to Outlook and Discuss are not available.
  5. Syncing SharePoint data with Microsoft Office Outlook no longer works .

To enable all the above functionality in SharePoint, the “Enable Client Integration” box will need to be checked in the Central Administration for the Authentication Provider of the Web Application.
There’s a degraded user experience and functionality when using FBA partly because of how it was configured and also due to compatibilities issues created by Microsoft.
These issues have been identified in Office 2003 and Office 2007 and Microsoft has provided service packs which as improved the functionality being experienced only in Office 2007.

Compatibilities and Workarounds
Currently, compatibilities issues are present in the Microsoft Office SharePoint Server 2007 and Office System 2003 which I believe has not been resolved. So any organisation implementing MOSS 2007 but has not upgraded Office 2003 should have an assessment done to prevent failures in their implementations.
As I have described previously above, there are service packs available for the Microsoft Office SharePoint Server 2007 and Office System 2007 which has improved the user experience when using Form Based Authentication (FBA) as an authentication method for SharePoint, this is the MOSS 2007 Service Pack 2 and 2007 Office Suite SP2.  The MOSS 2007 Service Pack 2 that was shipped April 28th 2009, now has added and improved functionality which includes Microsoft Save as PDF or XPS, substantial improvements to FBA support in Word, Excel, PowerPoint and SharePoint Designer 2007.
The following are tests I have carried out using the different versions of MOSS 2007 Service Packs, Office 2007 and Office 2003.
MOSS Version
Office Version
Tests Carried Out
Microsoft Office SharePoint Server 2007 with Service Pack 1 and below
Office System 2007 with Service Pack 1 and below
-          Open in Word does not work well
-          Connect to Outlook does not work well
-          Export to Spreadsheet does not work at all.
MOSS 2007 and Office 2007 does not support FBA very well, User experience is not degraded, user credentials will need to entered many times
Microsoft Office SharePoint Server 2007 with Service Pack 2
Office System 2007 with Service Pack 1 and below
-          Open in Word does not work well
-          Connect to Outlook does not work well
-          Export to Spreadsheet does not work at all.
MOSS 2007 and Office 2007 does not support FBA very well, User experience is not degraded, user credentials will need to entered many times
Microsoft Office SharePoint Server 2007 with Service Pack 2
Office 2003
-          Upload Mulitple Works
-          Open in Word not working
-          Export to Spreadsheet not working
-          Connect to Outlook not working
FBA Client integration does not work with Office 2003
Microsoft Office SharePoint Server 2007 with Service Pack 2
Office System 2007 with Service Pack 2
-          Everything works (with the “Remember me” check box ticked.
-          Open in Word works(login page presented, enter in your credentials and it just fine)
-          Connect to Outlook works (if “remember me” check box is ticked)
-          Export to Excel works (if “remember me” check box is ticked)
This is the best experience with FBA as both Office 2007 SP2 and MOSS 2007 SP2 support FBA fully and integrates very well.

When working in Office 2007 SP1 and below, Office 2003 users can still work with documents in SharePoint libraries and lists, but with working in SharePoint libraries they must right-click items and choose to save a copy to disk. They can then edit and update the document, and then upload it and check it back in when they are finished editing.

In this article I have described what the Form Based Authentication is and ways in which is can be implemented and have provided different resources available to use with FBA. Also I have been able to describe the impact of using FBA and the main functionality issues you can encounter when using FBA in Office System. Then, finally I was able to discuss my findings with using the different versions of MOSS 2007 and Office System 2007.

Further Reading
  1. http://www.codeproject.com/Articles/16822/The-Anatomy-of-Forms-Authentication
  2. http://msdn.microsoft.com/en-us/library/bb977430.aspx
  3. http://blogs.technet.com/b/office_sustained_engineering/archive/2009/04/16/service-pack-2-for-the-2007-microsoft-office-system-due-to-ship-april-28th.aspx


HOWTO: Send SMS Messages from SharePoint (WSS 3.0 & MOSS 2007)

Recently, I had a client who needed to do a simple task using his subscription of bulk sms messages.
He uses SharePoint as a CRM tool, to keep his customers updated with information about his company he needed to implement an SMS solution to push out SMS messages with different content from SharePoint.

A very simple ingenious solution requires the following;

1. A bulk Email to SMS account with any bulk SMS provider.
2. The SharePoint list(s) containing the mobile phone numbers of the recipient(s).
3. The SharePoint list to be used to send the SMS Body
4. SharePoint Designer 2007

Set up a bulk Email to SMS Account with any bulk SMS provider.

I had setup an account with a provider who requested that I use an email with which is associated with my bulk SMS account.
Now the email I used with the bulk SMS provider was the email I have configured on the "Web Application Outgoing Email Settings" for the web application that was running the SharePoint list.

By the using this email, the bulk SMS provider system was able to identify any emails coming from my server as an authenticated user.

Create a Workflow to Send emails
Next, I created a workflow using SharePoint Designer 2007 to send email (using a trigger) whenever a new item is created or an item is changed.

In the body of the email generated by the workflow, was the text of the SMS to be sent.
In the email address is a combination of the mobilephone@bulksmsprovider.domain. This means once the workflows runs as designed, it generates an email to be sent to the email (customers_mobilephone_number@bulk_sms_provider_domain) and this gets delivered straight away.

Remember that SharePoint 2010 has a new functionality "Mobile Account Settings", this feature would allow you to configure an SMS Service on your SharePoint Server.

I have observed the cost of using these SMS Service providers is absolutely high and very few of them. But using my solution above will give the opportunity to use any provider of your choice.

SharePoint Calculated Columns: LEN, LEFT, RIGHT

Using LEN in SharePoint Calculated Columns enables you to count total numbers of Characters in a Column. It can be used as follows;


You can have other permutations such as 

Counts the number of characters in Column1 and remove 4 characters from the left 

Counts the number of characters in Column1 and remove 3 characters from the right
=RIGHT([Column1], LEN([Column1])-3)

I hope this helps someone


HOWTO: Display the Developer Tab for Microsoft Office System

The Developer tab is an additional feature on Microsoft Office Applications that can enable Forms to be completed in Word and other genius functionality can be achieved using the Office System

Display Developer Tab in Microsoft Office System 2007

1. Open a Microsoft Application (PowerPoint, Word or Excel)
2. Click on the Office Ribbon Button
3. Select and Click on the Options (Word Options, Excel Options or PowerPoint Options)
4. Select the "Popular" category and tick the check box "Show the Developer tab in the Ribbon"

Display Developer Tab in Office 2010 Applications

1. Open a Microsoft Application (PowerPoint, Word or Excel). Also Outlook 2010 can do Developer Tab
2. Click on the File tab and then Options.
3. Choose Customise Ribbon under the categories pane.
4. Then click Developer to add.


HOWTO: Delete User from Site Collection

A quick HOWTO; from my HOWTO series.
User needed to be deleted from Site Collection.

1. Login to the site as the Site Collection Administrator
2. Go to the All People Group by visit the URL http://[your server address]/_layouts/people.aspx?MembershipGroupID=0
3. This will give you access to the All People list.
4. Click on the Name Column and Click "Show Filter Choices"
5. Select the user you want to delete
6. Do Actions > Delete Users from Site Collection


Enable anonymous access in SharePoint

For no curious reason, I wanted to turn on anonymous access to my test site. So I got this handy link which was published by Microsoft.

Enable anonymous access
Applies to Microsoft Office SharePoint Server 2007 / Windows SharePoint Services 3.0

Enjoy your day


SharePoint List Filter/Search Using OOTB Web Parts

Today I am going to describe a simple way to search/filter a list using a Text Filter Web Part.

I have this scenario, Client wants to search a list without having to use SharePoint Search or leaving the web page.


Note: To do this for the first time, create a test web part page to add the web parts.

  1. Create a new Web Part page. Save it as List Search.aspx
  2. Add Text Filter WebPart to the new aspx page
  3. Add the List (to be searched) to the page above using SPD
  4. Create a Parameter for the List column you want to search
  5. Filter the Data View Using the Parameter
  6. Connect Parameter on Data View to Text Filter

Create a new Web Part Page

Add the Text Filter to the Web Part page

Add List to be searched using SPD. Drag and drop the List as a DatasheetView Web Part

Edit the Columns and add the columns you would prefer to see on the List View.
Then click the List "Common Data View Tasks" and select "Filter".

Then select the column you would like to filter as the "Field Name", contains as the "Comparison" and CREATE NEW PARAMETER as the value.

In the resulting window, type in a name for the new parameter "NameSearch" and select Form and add a name for the Form Field.

Because you have applied a parameter, the List should not show any data.
Then save the ASPX page and return to the site in IE.

You now need to do a Web Part connection so that the Text Filter will send values to the List View.
Go to Edit View of the page in IE. 
Click the Web Part properties to select connection > Get Parameters From > Filter : [Text Filter Name Title] (in my case Filter: Column Search)

In the Configure Connection dialog window select '[Parameter Name]' (in my case Column Search) from the pull down menu and click the Finish Button.  

Now the Column Search/filter is now ready to use. You can test you see if you get any results using data from the column you have selected.


FIX: "New user account does not have a valid SID history"

Now, this was an issue I tackled recently.
I had a client who wanted to do a name change in SharePoint which should be a normal easy thing to do using the STSADM command MigrateUser. See my post on that here Name Changes for SharePoint User.

But on following the steps in my post I encountered an Error "New user account does not have a valid SID history" ...uhmmm strange!

So I thought, what would I do to resolve this. I know! google it. But the google results I got didn't really resolve my issue. I then looked into the SQL database to find the user info.

My query returned a strange result tp_token was NULL and the newlogin was not found.

So I decided to perform a force "-ignoresidhistory"

Then I ran into a brickwall. uhmm worse.
Ok, lets make things simple.
1. Add the new user login to the Site Collection
   - Site Actions > Site Settings > People and Groups
   - Add new user > Type the new user login details > Click Ok

2. View the new user profile
   - Move mouse over new user account in SharePoint
   - Copy the new user account ID
   - Go to http://servername/_layouts/userdisp.aspx?Force=True&ID=[ID Copied from above]
3. Delete new user account from Site Collection
4. Ask user to visit the site collection again.
5. A new user account ID is created. Problem fixed. User details updated.


Where's the Web Part Gallery

Well, this is a simple one.
1. Browse to the Site collection root site
2. Click Site Actions > Site Settings (you must be site collection administrator to do this)
3. You should see Site Collection Administration (if you don't, then you don't have the permissions to)
4. Then Under Galleries you'll see Web Parts

You can then upload new web parts for use within the Site Collection

Error 2436: Warning - An unrecognized HTTP response was received when attempting to crawl this item. Verify whether the item can be accessed using your browser.

This warning turned up in the Event viewer repeatedly for about 2 days.
It pointed to the SharePoint content cannot be crawled..that was worrying!

After much digging around on the server and also on the internet, I noticed several solutions were available which got me putting on my thinking cap.... Most of the solutions available werent related to this issue I was having. So I decided to dig a bit further..

Then I looked at the Error again.

Event Type: Warning
Event Source: Windows SharePoint Services 3 Search
Event Category: Gatherer 
Event ID: 2436
Date: 2/6/2012
Time: 1:33:07 PM
User: N/A
Computer: [SERVERNAME]
The start address cannot be crawled
Context: Application 'Search index file on the search server', Catalog 'Search'
Details: An unrecognized HTTP response was received when attempting to crawl this item. Verify whether the item can be accessed using your browser.   (0x80041204)

  1. Tried to access the Content Source URL and I got an error message 
  2. Then I looked into the Windows HOSTS file, I noticed that the HOSTS file had been modified recently.
  3. I removed the entry for the Content Source URL.
  4. Made changes to the proxy settings on the IE and that resolved the error message I was getting when I try to access the URL
  5. After that I noticed, the error did not return.

Blocking File Types in SharePoint 2007

Blocking File Types in SharePoint 2007 is an operational action.
You can decide to restrict certain file types depending on the configuration of your SharePoint Farm or the organisational policy.

Blocking some file types you restrict the upload or download of these files with the extension that has been blocked. Users will not be able to add these files to SharePoint.

For example, you might need to block file types "*.exe" to exclude possible virus files users might unknowingly add to your farm.

Certain file types are by default blocked in SharePoint 2007 and also these file types blocking are Web Application specific.

To block a file type or find the list of file types blocked.

Go to Central Admin > Operations > Security Configuration > Blocked file types

1. Select the Web Application you want to implement Blocked File Types
2. On the resulting page, add the extension file type.
3. Click OK to save.


Create Document Library Error: A duplicate name 'column name' was found

User tries to create a document library from a custom document library template and gets the following error
"A duplicate name 'Column name' was found".

- Client's SharePoint Site Admin deletes site.
- A backup of a similar site was taken and restored where the deleted old site existed.
- A new site now has been restored with all references to the site columns of the restored site.
- The document libraries restored does not have the content type activated.
- Once you activate the content type in the newly document libraries, it creates 2 columns of the same name one with the content type and one without the content type.

The problem was that the columns in the content type that has been applied to the document library template already exists with a different GUID. The existing columns was the one that was restored and it inherited a different GUID.


  1. Create a new Document Library, apply the content type required for the document template.
  2. Save it as a document library template using a different name.
  3. Delete the old document library template that was restored. 
  4. Rename the newly created document library template to the name of the one deleted.
Problem solved!


Error 6482: Access to the path 'C:\WINDOWS\system32\drivers\etc\HOSTS' is denied

This morning I came in and found a server load of errors, the Event viewer had this view;

And the error details was as follows;

Event Type: Error
Event Source: Office SharePoint Server
Event Category: Office Server Shared Services 
Event ID: 6482
Date: 1/31/2012
Time: 8:37:41 AM
User: N/A
Computer: [Server Name]
Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance (3b6b8fc0-85b0-4a84-87a0-0b8364eec13e).

Reason: Access to the path 'C:\WINDOWS\system32\drivers\etc\HOSTS' is denied.

Techinal Support Details:
System.UnauthorizedAccessException: Access to the path 'C:\WINDOWS\system32\drivers\etc\HOSTS' is denied.
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
   at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
   at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
   at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize)
   at System.IO.StreamWriter..ctor(String path, Boolean append)
   at System.IO.FileInfo.CreateText()
   at Microsoft.Search.Administration.Security.HOSTSFile.CleanupDedicatedGathering(Hashtable HOSTSFileMappings, StringBuilder HOSTSComments, IEnumerable obsoleteHosts, String dedicatedName, Boolean isDirty)
   at Microsoft.Search.Administration.Security.HOSTSFile.ConfigureDedicatedGathering(SearchServiceInstance searchServiceInstance, SPServer dedicatedWebFrontEndServer, IList`1 previousWebApplicationHostNames)
   at Microsoft.Office.Server.Search.Administration.SearchServiceInstance.SynchronizeDefaultContentSource(IDictionary applications)
   at Microsoft.Office.Server.Search.Administration.SearchServiceInstance.Synchronize()
   at Microsoft.Office.Server.Administration.ApplicationServerJob.ProvisionLocalSharedServiceInstances(Boolean isAdministrationServiceJob)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Please grant the following permissions on the '%SystemRoot%\System32\Drivers\etc' folder to resolve the issue.
* List Folder / Read Data
* Read Attributes
* Read Extended Attributes
* Create Files / Write Data
* Create Folders / Append Data
* Write Attributes
* Write Extended Attributes
* Delete
* Read Permissions

Solution Credits see Error 6482


Error 5214: Insufficient Permissions object 'UserData'

SharePoint Administrator reported the Error 5214, sent me the screenshot of the error below with the text.

Event Type: Error
Event Source: Windows SharePoint Services 3
Event Category: Database 
Event ID: 5214
Date: 26/01/2012
Time: 10:27:23
User: N/A
Computer: [SERVER NAME]
Insufficient SQL database permissions for user '[ACCOUNTNAME]' in database 'SharePoint_AdminContent_[DATABASE GUID]' on SQL Server instance [DATABASE SERVER]. Additional error information from SQL Server is included below.

The SELECT permission was denied on the object 'UserData', database  'SharePoint_AdminContent_[DATABASE GUID]', schema 'dbo'.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Solution can be found at;
In this case I solved it by following;

To ensure that this account has correct permission in SQL Server

  1. Connect to the computer running SQL Server by using an account with administrator permissions.
  2. In SQL Server Management Studio, open the Security node, and then open the Logins node. You should see the account listed as a SQL Login.
  3. If the account is there, then open the database node, open the Security node under the database, and then open the Roles node.
  4. Open the Database Roles node and double-click the db_owner role to open its properties.
  5. In the Database Roles Properties dialog box, under Members of this role, you should see the database access account. If the account is not there, add it by clicking Add.

Hide "View All Site Content"

"View All Site Content" is a feature on WSS 3.0 and MOSS 2007 sites. Sometimes it can be annoying if you are like me that enjoys customising SharePoint.
In this case, I had a client that doesnt what his users to necessarily see all the lists and libraries in his customised SharePoint site so... Hide "View All Site Content"

There are several ways to hide this link but I decided to choose the security trimmed version.

Excel Calculation Services Error 5226

Lately I received a clients call regarding a problem with Excel Web Access in Office SharePoint 2007. He sent me a screenshot of the error.

"An error has occurred. Please contact your system administrator if this problem persists."

The error seemed suspicious and that prompted me to look into the issue in the events viewer on the server running the Excel Services. And I found lots of errors with Error 5226. 

Bad news!, where did it all come from... on a closer look at the error details I noticed that some account does not have permissions to create a folder or a file location for the services to run.


Event Type: Error
Event Source: Office SharePoint Server
Event Category: Excel Calculation Services
Event ID: 5226
Date: 19/01/2012
Time: 14:28:24
User: N/A
Computer: AZZRRR
Unable to create or access workbook cache at C:\WINDOWS\TEMP\Excel Server\FileCache\InteXDRESF. Excel Services is unable to function without a workbook cache.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

1. Manually created the file location "C:\WINDOWS\TEMP\Excel Server\FileCache\InteXDRESF"
2. Applied permissions as follows; granted WSS_ADMIN_WPG - Full Control on the "TEMP" folder.
3. Applied permissions as follows; granted WSS_WPG - Read and Write on the "TEMP" folder. 

Then I tested the web part and I still got an error;

4. I then manually created the "Ranges, SavedWorkbooks and Charts" folder (see above). These folders help to display the ranges and charts in the Excel workbook.

Then that solved the problem!


Names changes for SharePoint User

I have come across this scenario, I will be describing below several times and I am blogging it now as I had to do it again today on a client's farm.

A SharePoint user in Company XYG changes her name, sends a request to get the name changed in her Exchange Account and her Active Directory Account. IT changes name, but name shown on SharePoint user logon displays her old name.

Use the STSADM command line "Migrateuser" to change her details.

1. Log on to the SharePoint web front end with user having Farm Admin rights
2. Open the Command Prompt
3. Set directory to 12 Hive. C:\program files\common files\microsoft shared\web server extensions\12\bin
4. Run command stsadm -o migrateuser -oldlogin domain\olduseracct -newlogin domain\newuseraccount
5. Voila! User Account changes is updated in SharePoint

Applies to WSS 3.0, MOSS 2007 (might be the same for SP2010)