The problem is not renaming the AD groups themselves, but that there are of course many directories and subdirectories whose permissions are controlled by these groups. So I would have to rename the AD groups and at the same time change the groups of all affected directories. But these changes would take a long time if there are tens of thousands of files and directories in the directory.
Unfortunately our AD groups do not have the attribute “Display Name”. I have read that you can create this attribute when creating new groups, but I can’t find anything to add this attribute to groups afterwards. Then it would be possible to solve the problem, right?
You won’t have to change anything on the permissions. The permissions are linked to the Security Identifier (SID) of the group. After renaming, the SID will simply resolve to the new name when you view the permissions.
Your groups will have the DisplayName attribute. It might not be populated, but the attribute will be there. To update it, use the Set-ADGroup cmdlet.
Set-ADGroup -Identity MyTestGroup -DisplayName 'My New Display Name'
but if I enter the same command with the groupnames it works. I do’t know why it does not work running the script? To run the command I just copied the original group names direct from the console.
In your copy/pasted example, you have an extra space before -DisplayName. Are you sure your list of groups in RenameGruppen.txt don’t have any trailing spaces?