How to change SharePoint AD group names after the group name has changed in Active Directory

Well this is simple really, The code goes through each site collection, identifies groups coming from AD, then retrieves the same group using the SID value from Active Directory and updaes the SharePoint group name based on the value in the Active Directory.

param (
 [string]$SPSiteFilter = "Your application URL",
 [string]$SPADLoginNamePrefix = "c:0+.w|",
 [bool]$UseSAMAccountName = $true

if ((Get-PSSnapin 'Microsoft.SharePoint.PowerShell' -ErrorAction SilentlyContinue) -eq $null){Add-PSSnapin 'Microsoft.SharePoint.PowerShell'}
 if (Get-Module -ListAvailable -Name ActiveDirectory) {
 Write-Host "ActiveDirectory Module exists"
} else {
 Write-Host "ActiveDirectory Module does not exist. This Script requires this module. Please check that the module is installed."
 Write-Host "To install the module through PowerShell you can use the following command:"
 Write-Host "Add-WindowsFeature RSAT-AD-PowerShell"
 Import-Module ActiveDirectory
$spWebApp = Get-SPWebApplication $SPSiteFilter
foreach($site in $spWebApp.Sites)
 Write-Host "Site: $($site.Url)"
 # Notice that the SPADLoginNamePrefix variable prefix is used to identify a AD group and also to parse the SID value
 $site.rootweb.siteusers | where { $_.IsDomainGroup -and $_.UserLogin.ToString().Contains($SPADLoginNamePrefix) } | %{
 $dispNameSplit = $_.UserLogin.ToString().Replace($SPADLoginNamePrefix, "")
 #Get the Account from AD to retrieve to correct name
 $adAccount = Get-ADGroup -Identity $dispNameSplit
 $newSPAccountDisplayName = ""
 #Modify the SharePoint Account DisplayName and Name based on the AD SamAccountName OR the Name 
 if($UseSAMAccountName -eq $true)
 { $newSPAccountDisplayName = $adAccount.SamAccountName }
 { $newSPAccountDisplayName = $adAccount.Name }
 if($_.DisplayName -ne $newSPAccountDisplayName -or $_.Name -ne $newSPAccountDisplayName)
 Write-Host "Changed SharePoint AD Group: $($_.DisplayName) to: $($newSPAccountDisplayName)"
 $_.DisplayName = $newSPAccountDisplayName
 $_.Name = $newSPAccountDisplayName
 } else
 Write-Host "SharePoint AD Group name: $($_.DisplayName) is the same as in AD : $($newSPAccountDisplayName)"
 $adAccount = $null


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s