My team mate threw me a difficult question today.
“Do you have a script to rename AD groups?”
Hmmm… most of the time, I only need to rename 1 or 2 group names, so I would just use ADUC to perform it. But can I do it using a script?
So I set out searching for scripts to rename an AD group. Guess what? It cannot be found. The closest search one can get to is to rename user accounts, but that’s a start. I als found an article from MS on how to rename objects, which is definitely useful also.
So here is the script:
OldGroupName = “OldGroupName”
NewGroupName =”NewGroupName”
Set objConnection = CreateObject(“ADODB.Connection”)
objConnection.Open “Provider=ADsDSOObject;”Set objCommand = CreateObject(“ADODB.Command”)
objCommand.ActiveConnection = objConnectionobjCommand.CommandText = “;(&(objectCategory=Group)(cn=” & OldGroupName & “));ADsPath;subtree”
Set objRecordSet = objCommand.Execute
Do While Not objRecordSet.EOF
strADsPath = objRecordSet.Fields(“ADsPath”)
‘this next part is to grab the container which the group belongs to, if anyone know which method I can I used to determine an object’s container, let me know. Thanks!”
if InStr(strADsPath, “,OU”) > 0 then
strCont = Mid(strADsPath,InStr(strADsPath, “,OU”)+1)
elseif InStr(strADsPath, “,CN”) > 0 then
strCont = Mid(strADsPath,InStr(strADsPath, “,CN”)+1)
end if
Set oCont = GetObject(“LDAP://” & strCont)
Set oNewGroup = oCont.MoveHere(strADsPath, “cn=” & NewGroupName)‘You need to do this as the above does not change the pre-Windows name.
oNewGroup.SAMAccountName = NewGroupName
oNewGroup.SetInfoobjRecordSet.MoveNext
Wscript.echo “Old Name is ” & OldGroupName
Wscript.echo “New Name is ” & oNewGroup.AdsPathLoop
objConnection.Close
Okay, now the next script is to find out how I can rename local group names on a computer.
