Active Directory: Does renaming a security group also change the name of all instances where the group was used?

active-directory

If I rename a security group via the Active Directory Users and Computers MMC does that rename properly propagate across all instances where the group was used?

Meaning that if I have, for example, a shared drive set up with that specific group having access, does the group name change automatically change the name of the group that has been granted access to that shared drive?

Obviously it's less of an issue if the group name is only used once somewhere, but if the group is used a few dozen times it would be far to labor intensive to find and rename all instances in which the group was used manually.


Solution 1:

Yes. The name is an attribute on the group - anything sensibly that uses them does not use the name but the underlying SID that does not change - a unique key for an object in AD.

Naturally some third party software is written by people too lazy to ask for the SID and codes names.

Solution 2:

https://support.microsoft.com/en-us/kb/2928800

Symptoms

Assume that you rename a security group or a distribution group, and then grant permissions for the group to a folder by editing the Security tab of the folder properties. You log on a computer that is running Windows 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), or Windows Server 2008 R2 SP1. In this situation, when you check the system access control list (SACL) in the Security tab of the folder properties, the group is displayed as Group Name (Domain Name\name), which is invalid. We expect that the group is Group Name (Domain Name\sAMAccountName).

Notes - Name is a placeholder for the name attribute in the group properties. - sAMAccountName is a placeholder for the sAMAccountName attribute in the group properties.

Cause This issue occurs because incorrect name attribute is used instead of the sAMAccountName attribute in the SACL group display function.

Resolution To resolve this issue in Windows 8.1 and Windows Server 2012 R2, install update 2919355.

To resolve this issue in Windows 7 and Windows Server 2008 R2, install the hotfix that is described in this article.

Related

Tools for maintaining yum repositories
Can nginx use different SSL protocols in different server blocks?
When does IIS log a request?
Why does "find -mtime" not work as expected on files with different timezones?
Install Java 9, 10, 11, or 12 on FreeBSD 11.1
Exim4 - temporarily freeze outgoing emails from specific user
Successful login with iscsiadm on target still doesn't create block device
Why can a user log in via more than one UPN?
Azure Powershell - Change Directory
Where can i find the latest unattended.xml schema (xsd)?
How to remove DNSSEC support from a domain?
KVM+DRBD replicated between two active-passive servers with manual switching