ADSI: Renaming AD group

My team mate threw me a difficult question today.

“Do you have a script to rename AD groups?”

Hmmm… most of the time, I only need to rename 1 or 2 group names, so I would just use ADUC to perform it. But can I do it using a script?

So I set out searching for scripts to rename an AD group. Guess what? It cannot be found. The closest search one can get to is to rename user accounts, but that’s a start. I als found an article from MS on how to rename objects, which is definitely useful also.

So here is the script:

OldGroupName = “OldGroupName”

NewGroupName =”NewGroupName”

Set objConnection = CreateObject(“ADODB.Connection”)
objConnection.Open “Provider=ADsDSOObject;”

Set objCommand = CreateObject(“ADODB.Command”)
objCommand.ActiveConnection = objConnection

objCommand.CommandText = “;(&(objectCategory=Group)(cn=” & OldGroupName & “));ADsPath;subtree”

Set objRecordSet = objCommand.Execute

Do While Not objRecordSet.EOF

strADsPath = objRecordSet.Fields(“ADsPath”)

‘this next part is to grab the container which the group belongs to, if anyone know which method I can I used to determine an object’s container, let me know. Thanks!”

if InStr(strADsPath, “,OU”) > 0 then

strCont = Mid(strADsPath,InStr(strADsPath, “,OU”)+1)

elseif InStr(strADsPath, “,CN”) > 0 then

strCont = Mid(strADsPath,InStr(strADsPath, “,CN”)+1)

end if

Set oCont = GetObject(“LDAP://” & strCont)
Set oNewGroup = oCont.MoveHere(strADsPath, “cn=” & NewGroupName)

‘You need to do this as the above does not change the pre-Windows name.

oNewGroup.SAMAccountName = NewGroupName


Wscript.echo “Old Name is ” & OldGroupName
Wscript.echo “New Name is ” & oNewGroup.AdsPath


Okay, now the next script is to find out how I can rename local group names on a computer.

