# First, let’s perform and search query to retrieve groups list on local domain;

Get-QADGroup -Name testgroup* -sizelimit 0 | ft name, SamAccountName

Name

—-

testgroup-1

testgroup-2

# You can also define a specific OU to target a specific location;

Get-QADGroup -name testgroup* -searchscope “onelevel” -searchroot “ou=Groups,OU=Tests,dc=mydomain,dc=net” -sizelimit 0

# for SUBTREE;

Get-QADGroup -name testgroup* -searchscope “subtree” -searchroot “ou=Groups,OU=Tests,dc=mydomain,dc=net” -sizelimit 0

# Note that the ‘testgroup’ string is the number of characters i.e 11 is what we are manipulating and stripping out here;

#Get-QADGroup -name testgroup* -searchscope “onelevel” -searchroot “ou=Groups,OU=Tests,dc=mydomain,dc=net” -sizelimit 0 | Rename-QADObject -newName {$_.name.substring(11)} -whatif | Set-QADGroup -samAccountName {$_.samAccountName.substring(11)} -whatif

Get-QADGroup -name testgroup* -searchscope “subtree” -searchroot “ou=Groups,OU=Tests,dc=mydomain,dc=net” -sizelimit 0 | Rename-QADObject -newName {$_.name.substring(4)} -whatif | Set-QADGroup -samAccountName {$_.samAccountName.substring(4)} -whatif

# in this example above, we rename the group testgroup-1 by rename-1 and testgroup-2 by rename-2 and update the samAccountName attibute too!!!!

Get-QADGroup -name testgroup* -searchscope “subtree” -searchroot “ou=Groups,OU=Tests,dc=mydomain,dc=net” -sizelimit 0 | Rename-QADObject -newName {“NEW-“+$_.name} -whatif | Set-QADGroup -samAccountName {“NEW-“+$_.samAccountName} -whatif

# in this example above, this rename group testgroup-1 by NEW-testgroup-1 and testgroup-2 by NEW-testgroup-2 and update the samAccountName attibute too!!!

Note: Always use the –whatif parameter to confirm what changes you are about to make before you process the change.

# If needed, export the results out to a CSV by adding the export-csv cmdlet at the end.

# Similarly, you can chose to rename multiple groups, use the foreach command

Get-QADGroup -name testgroup* -searchscope “subtree” -searchroot “ou=Groups,OU=Tests,dc=mydomain,dc=net” -sizelimit 0 | Foreach {Rename-QADObject $_ -newName (“NEW-” + $_.name) | set-qadgroup -samaccountname (“NEW-” + $_.samaccountname)}

Name                           Type            DN

—-                           —-            —

NEW-testgroup-1                group           cn=NEW-testgroup-1,OU=RoleBased,OU=Groups,OU=Tests,Dc=mydomain,dc=net

NEW-testgroup-2                group           cn=NEW-testgroup-2,OU=RoleBased,OU=Groups,OU=Tests,Dc=mydomain,dc=net

NEW-testgroup-3                group           cn=NEW-testgroup-3,OU=RoleBased,OU=Groups,OU=Tests,Dc=mydomain,dc=net

#Above query will grab all the Groups from the defined path and will add “NEW-“ as the prefix to all groups. And also update the samaccountname attribute with the same name.

# to also set the displayname with a value = samaccountname, modify the set-qadgroup to add the displayname attribute too, finally we have.

Get-QADGroup -name testgroup* -searchscope “subtree” -searchroot “ou=Groups,OU=Tests,dc=mydomain,dc=net” -sizelimit 0 | Foreach {Rename-QADObject $_ -newName (“NEW-” + $_.name) | set-qadgroup -samaccountname (“NEW-” + $_.samaccountname) -displayname (“NEW-” + $_.samaccountname)}

Use ADSIEDIT to check if all the attributes have been correctly updated.

Other example with string replacement:

In this example we are looking for on all the domain the groups containing “-ops-” string, then we take only the three first letters, and we concatenate the three letters with a new string called “-Operations-LocalAdmins”, and finally we rename also the samaccoutname, the displayname, the email and we change also the description field:

Get-QADGroup -name *-Ops-* -searchscope “subtree” -searchroot “dc=dalbedom,dc=local” -sizelimit 0 | Foreach {Rename-QADObject $_ -newName ($_.name.substring(0,3) + “-Operations-LocalAdmins”) | set-qadgroup -samaccountname ($_.samaccountname.substring(0,3) + “-Operations-LocalAdmins”) -displayname ($_.samaccountname.substring(0,3) + “-Operations-LocalAdmins”) –description (“Designated as local admins at site-level”) -email ($_.samaccountname.substring(0,3) + “-Operations-LocalAdmins@dalbedom.com”) }