Re: Other OSes exist
"Those links may be based on user IDs, named tokens, user-associated keys, you name (harhar) it."
If you're basing scripts etc on specific AD user names, then you're an idiot. Full stop. There's no sane reason to do so - use a group membership or something, for precisely this reason. New users appear all the time, but user roles don't change much and tend to cover lots of people. Use them.
What, exactly, does the submitting IT manager do when there's a new member of staff? Goes and drums up a new version of every single script for the sake of each new hire, and then builds and names a laptop specifically for that person, with an asset tag based on that user's name? Then manually produces every single link between systems for that user account? That isn't IT, that's manual labour with a computer. I wouldn't be surprised if they were manually copying user's outlook signatures in individually, given the other bad practices in place here. As to the other links, learn to use LDAP and ADFS. Unsurprisingly, the idea of having to convert username on system X to different username on system Y has come up before and will come up again, as has the idea that one might want multiple systems to be drawing from a single directory.
Frankly, this problem sounds largely self-inflicted - the use of 3-character usernames to begin with is not a good idea as it doesn't scale past about 18,000 possible combinations (tiny for a university, and less than 20 years churn for a mid-sized college or school). Meanwhile, it looks like the interplay between systems has been designed with more-or-less zero automation. That's also not really excusable these days when there's so many tools available for get round it. Yes, it's education, so they're not exactly cutting-edge and swimming in budget, but still, this doesn't sound as hugely challenging as the contributor is making out.
Biting the hand that feeds IT
