Updating Group logins on SharePoint 2013 using Active Directory Sync


I am using on-premises SharePoint 2013. We are currently using Active Directory Profile Sync. We are using security groups in AD to manage our security in SharePoint 2013. I am trying to rename a group in AD and found that this does not rename a group in SharePoint 2013. I would rather rename the group rather than having to change over 100 entries across SharePoint.

I attempted using the command stsadm -o migrategroup -oldlogin DOMAIN\Username -newlogin DOMAIN\Username

It reports Completed Successfully, but alas! no change.

What am I missing?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Walter CurtisSharePoint AEDCommented:
An AD group is just a member of a specific SharePoint group. The AD security group and the SharePoint group can have different names. There are no links between the groups, so if one name changes the other one does not automatically change. You can manually change either group name as you see fit.

A little deeper, the SharePoint group name is actually a description field. SharePoint uses a group ID for internal processes. As far as the stsadm command, unless I misunderstand your questions, is not necessary.

Hope that helps
ALC-ITOfficerAuthor Commented:
Thank you for your comments.
let me clarify. I have a Group for example called DOMAIN\Group1 (group1@email.com)
I want to change it to DOMAIN\Group2
I rename the Group in AD, by right clicking the name and selecting rename
So I change to DOMAIN\Group2 (group2@email.com).

But When I return to SharePoint, I find that nothing has changed at all. meaning if I open the user group Group1 it still has all group1 details assigned to it. When I go in to SharePoint and attempt to edit the record, I can only change the display name.

If I use the Central admin profile editor (grasping at straws) and I cant find either group.

Does that clarify it for you ?
Walter CurtisSharePoint AEDCommented:
Thanks for the expanded explanation. Here is a quick overview. It is hard to give a full answer in the space allowed here.

The quickest way is to simply use people picker and add the AD group (again) with the new name. Depending on your site structure, if you have inherited or granular permissions, this could be easy, complicated or someone in between. As far as profile editor, that might not be the level you want to manage user permissions at.  

Hope that helps some

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft SharePoint

From novice to tech pro — start learning today.