diff --git a/Setup-ByteTrail-AD.ps1 b/Setup-ByteTrail-AD.ps1
index 8dd74fd..05ada40 100644
--- a/Setup-ByteTrail-AD.ps1
+++ b/Setup-ByteTrail-AD.ps1
@@ -44,32 +44,31 @@ foreach ($OU in $OUs) {
 Write-Host "`n[2/3] Erstelle AD-Gruppen..." -ForegroundColor Yellow
 
 $Groups = @(
-    # Name                        Beschreibung
-    @("GRP-GF-VOLLZUGRIFF",      "Geschäftsführung – Vollzugriff"),
-    @("GRP-GF-VPN",              "Geschäftsführung – VPN-Zugang"),
-    @("GRP-GF-ERP",              "Geschäftsführung – ERP-Zugriff"),
-    @("GRP-SALES-ERP",           "Sales – ERP-Zugriff"),
-    @("GRP-SALES-VPN",           "Sales – VPN-Zugang"),
-    @("GRP-SALES-FILES",         "Sales – Dateifreigabe"),
-    @("GRP-MKT-FILES",           "Marketing – Dateifreigabe"),
-    @("GRP-SVC-FILES",           "Service/Technik – Dateifreigabe"),
-    @("GRP-SVC-ERP",             "Service/Technik – ERP-Zugriff (tlw.)"),
-    @("GRP-ALL-EMAIL",           "Alle Mitarbeiter – E-Mail"),
-    @("GRP-ADMINS",              "IT-Administratoren")
+    @{ Name = 'GRP-GF-VOLLZUGRIFF'; Description = 'Geschaeftsfuehrung - Vollzugriff' }
+    @{ Name = 'GRP-GF-VPN';         Description = 'Geschaeftsfuehrung - VPN-Zugang' }
+    @{ Name = 'GRP-GF-ERP';         Description = 'Geschaeftsfuehrung - ERP-Zugriff' }
+    @{ Name = 'GRP-SALES-ERP';      Description = 'Sales - ERP-Zugriff' }
+    @{ Name = 'GRP-SALES-VPN';      Description = 'Sales - VPN-Zugang' }
+    @{ Name = 'GRP-SALES-FILES';    Description = 'Sales - Dateifreigabe' }
+    @{ Name = 'GRP-MKT-FILES';      Description = 'Marketing - Dateifreigabe' }
+    @{ Name = 'GRP-SVC-FILES';      Description = 'Service/Technik - Dateifreigabe' }
+    @{ Name = 'GRP-SVC-ERP';        Description = 'Service/Technik - ERP-Zugriff (tlw.)' }
+    @{ Name = 'GRP-ALL-EMAIL';      Description = 'Alle Mitarbeiter - E-Mail' }
+    @{ Name = 'GRP-ADMINS';         Description = 'IT-Administratoren' }
 )
 
 foreach ($Group in $Groups) {
-    if (-not (Get-ADGroup -Filter "Name -eq '$($Group[0])'" -ErrorAction SilentlyContinue)) {
+    if (-not (Get-ADGroup -Filter "Name -eq '$($Group.Name)'" -ErrorAction SilentlyContinue)) {
         New-ADGroup `
-            -Name        $Group[0] `
-            -SamAccountName $Group[0] `
+            -Name        $Group.Name `
+            -SamAccountName $Group.Name `
             -GroupScope  Global `
             -GroupCategory Security `
-            -Description $Group[1] `
+            -Description $Group.Description `
             -Path        "OU=Gruppen,$DomainDN"
-        Write-Host "  [+] Gruppe erstellt: $($Group[0])" -ForegroundColor Green
+        Write-Host "  [+] Gruppe erstellt: $($Group.Name)" -ForegroundColor Green
     } else {
-        Write-Host "  [~] Gruppe existiert bereits: $($Group[0])" -ForegroundColor Gray
+        Write-Host "  [~] Gruppe existiert bereits: $($Group.Name)" -ForegroundColor Gray
     }
 }
 
@@ -204,7 +203,7 @@ Write-Host "`n[4/4] Erstelle Service-Account für Mailserver..." -ForegroundColo
 
 $SvcSam = "svc-mailserver"
 $SvcUPN = "$SvcSam@$Domain"
-$SvcPW  = ConvertTo-SecureString "Mail$3rv!ceAcc2026" -AsPlainText -Force
+$SvcPW  = ConvertTo-SecureString 'Mail$3rv!ceAcc2026' -AsPlainText -Force
 
 if (-not (Get-ADUser -Filter "SamAccountName -eq '$SvcSam'" -ErrorAction SilentlyContinue)) {
     New-ADUser `