Automatique or quick Security groups replacement on SharePoint sites

New Contributor

Hi everyone,

After a user’s migration from a domain A to a domain B (same forest) we are working now on the security groups.

The client wants us to create similar security groups (with same members) on the domain B, but the name should be different. (New naming convention),

The client wants to avoid the use of ADMT with the SID history 

 They are around 900 security groups used on 8000 SP sites

 

The question /challenge:

Is it possible to update/replace the groups automatically / quickly on the SP sites ?

something like > for the group DA-direction replace it by DB-direction 

I know that Sharegate could have this kind of option (mapping) but used as far as i know only in the case of a migration from SP onprem to SP online and not on a similar site (source and target).

I've seen some posts talking about Power Automate... is this could be an option ? 

 

Thanks 

BG

 

 

 

 

4 Replies

@ben_gues 

are you referring to SP On-Premise or Online ?

 

I'm confused because the label says Online but you were describing a migration from domain A to domain B.

@mr_w1nst0n 

Hi,

 

actually it was an active directory migration not Sharepoint 

We've migrated the users account from a domain to another and now we need to deal with the security groups. (used by shrepoint online) 

thanks 
ben

 

@ben_gues Ok thanks for the clarification.

 

Based on my experience:

 

If you just need to rename a SharePoint Group you can do it via PowerShell.

You have a sample here as a starting point: link

 

If you want to rename an AD security Group (Not SharePoint Group) you have to remove and re-add this specific group to get the name reflected in the system (SharePoint use Security Identifier and not the name of the AD Group)

 

To speedup the overall process I think ShareGate can still help because Online to Online is a supported scenario but the best way is to target a Test AD Security group and see how the mapping get handled by the tool. Last chance is to create a mapping file and automate the remove/re-add using PowerShell

Many thanks I will check this, I'm also checking if the something could be done with Power Automate (Flow).
a condition saying
If a user read a file > add it to the Security group A
If a user change à file > add it to Security group B

Keep you posted if this works