May 30
Active Directory Name Change (SharePoint groups not updating)

SCENRIO
In SharePoint we use Active Directory groups as a typical process to secure data from within most SharePoint sites rather than using SharePoint groups for the added flexibility it provides other systems outside the environment.

In this scenario an Active Directory (AD) group existed in a SharePoint site that had its AD named changed from domain\groupname to domain\groupnamenew. As result of this change the AD security from within SharePoint no longer worked.

After removing the group and adding it back to SharePoint the group continued to resolve to the old name. After some troubleshooting the AD group was removed from SharePoint and deleted from Active Directory. After allowing time for AD replication the account was recreated with the new name domain\groupnamenew and added back to the SharePoint site.

After adding the account back to SharePoint it still resolved to the old name which no longer existed in Active Directory.

SOLUTION
The solution was to remove the AD group from SharePoint by navigating to /_catalogs.

    • Locate the group name that is problematic and click the group name.
      • It now will display the User Information: page.
        • Select Delete User from Site Collection.
      • This will remove any group associations form the site collection.
    • You can now add the AD group back to the site which should now resolve to the correct new name.

This behavior should only occur when an Active Directory group is renamed and exists in SharePoint previous to the rename.

Comments

Quicker

Thanks dude, I used this to resolve a problem, but you should know you don't have to dig down to that level url you have typed.

Just select a group - any group - then a context menu will appear that you can select from and view any group.

or just go here..

http://myintranet/_layouts/groups.aspx
 on 12/11/2012 10:51 PM

Thanks!

To the comment above, thank you for this quick fix!
Works great, only risk to be a difficult process because you'll have to re-add the permissions for the deleted groups again afterwards.
 on 2/21/2014 3:56 AM

 ‭(Hidden)‬ Blog Tools