Modify AD groups in bulk using PowerShell script

Question

question

irfanali-0454 asked May 4, '21 NewbieJones-6218 commented Jun 16, '22

Modify AD groups in bulk using PowerShell script

$Groups = Import-CSV -path "C:\users\Name$\Temp\Grouptest.csv"
ForEach ($Object in $Groups)
{
$OldName = $Object.OldName
$NewName = $Object.NewName
Get-ADGroup $OldName | Rename-ADObject -NewName $NewName

Using above command I can can change group name, but not getting clue to change other attributes like SamaccontName, Proxyaddress, Emailaddress

windows-server-powershell

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 1 · 2021-05-04T07:01:55.817Z

IanXue-MSFT answered May 4, '21

Hi,

You can set the properties using the Set-ADGroup cmdlet.

 Get-ADGroup $OldName | Set-ADGroup -Replace @{SamAccountName=$newAccountName; proxyAddresses=$newProxyAddresses; mail=$newmail }

https://docs.microsoft.com/en-us/powershell/module/activedirectory/set-adgroup

Best Regards,
Ian Xue
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 2 · 2021-05-04T07:31:28.49Z

irfanali-0454 answered May 4, '21

Thx, since i ave to do for bulk of groups so the csv file i ave to create in te form of oldname, NewSamAccountName, Newproxyaddresses? Or sometingelse

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 3 · 2021-05-04T07:52:52.223Z

irfanali-0454 answered May 4, '21

Let me know if the below scrip will help

$Groups = Import-CSV -path "C:\users\Name$\Temp\Grouptest.csv"
ForEach ($Object in $Groups)

$OldName = $Object.OldName
$SamAccountName = $Object.SamAccountName
$ProxyAddresses = $Object.ProxyAddresses
Get-ADGroup $OldName $SamAccountName $ProxyAddresses | Set-ADGroup -Replace @{SamAccountName=$newAccountName; proxyAddresses=$newProxyAddresses; mail=$newmail }

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 4 · 2021-05-04T08:33:42.983Z

IanXue-MSFT answered May 4, '21 NewbieJones-6218 commented Jun 16, '22

Hi,

If you add the new columns with the headers "SamAccountName", "proxyAddresses" and "mail" to the csv file you can do it like this

 $Groups = Import-CSV -path "C:\users\Name$\Temp\Grouptest.csv"
 ForEach ($Object in $Groups)
 {
     $OldName = $Object.OldName
     $NewName = $Object.NewName
     Get-ADGroup $OldName | Set-ADGroup -Replace @{SamAccountName=$Object.SamAccountName;proxyAddresses=$Object.proxyAddresses;mail=$Object.mail}
     Get-ADGroup $OldName | Rename-ADObject -NewName $NewName
  }

Best Regards,
Ian Xue
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 4

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Toldor-7461 · Apr 05 at 07:59 PM

In writing up a similar script I found this thread. I needed to make one adjustment to the good information IanXue-MSFT noted here. On line 7, I needed to search by the $NewName, as the object could no longer be found under the $OldName, as at that point the object could no longer be found since it was renamed. Prior to that step, I also added Start-Sleep -s 5 just to ensure there was enough of a processing delay to find it under the new name.

0 ·

RichMatheisen-8856 Toldor-7461 · Apr 05 at 09:08 PM

If you have multiple domain controllers that's not uncommon because each cmdlet may select a different DC to operate on. Because replication isn't instantaneous different DCs may know the object by it's "old" distinguished/common name. The way to deal with that is to select a single DC at the beginning of the script and add the "-Server" parameter to each cmdlet using that DC name as the value. As long as they all use the same DC you avoid the replication delays.

0 ·

JSmith-9467 Toldor-7461 · Jun 15 at 09:34 PM

I ran into the same error. I'm new to Powershell. How did you adjust line 7 to make this work? I was able to successfully rename the AD group name, the pre-windows 2000 name, the mail address, and the mail nickname with my command, but the displayName (SamAccountName) didn't change.

Here's my script:

$Groups = Import-CSV -path "C:\users\UserID\GroupNameChange.csv"
ForEach ($Object in $Groups)
{
$OldName = $Object.OldName
$NewName = $Object.NewName
Set-ADGroup -Replace @{SamAccountName=$Object.SamAccountName;mail=$Object.mail;mailnickname=$Object.mailnickname}
Get-ADGroup $OldName | Rename-ADObject -NewName $NewName
}

I've got CSV columns for: OldName, NewName, SamAccountName, Mail, and MailNickname. Everything changes properly except the SamAccountName (displayName).

0 ·

NewbieJones-6218 JSmith-9467 · Jun 16 at 09:01 AM

Aren't your groups and SamAccountNames the same? Do you need a separate SamAccountName field in your CSV file?

Set-ADGroup -Replace @{SamAccountName=$Object.NewName;mail=$Object.mail;mailnickname=$Object.mailnickname}

The code itself is fairly standard and looks correct. So I suspect the problem is with the data in your CSV. Perhaps the field name is spelt incorrectly.

You can try testing this by running the Set-ADGroup command with a single line to ensure you are comfortable and that its working properly.

0 ·

question