This message was deleted.

@acceptable-army-15927 thank's again for your reply. This would be a good workaround, but my opinion, if you are supporting Active Directory Auth as Feature, this should handle such tasks properly. I mean instead of using the CN Path as "Identifier" they could just use the user sid. I managed now to "fix" this issue by using the rancher API to overwrite the user object with the new principalId