问题
I'm trying to use a PowerShell script to accept input from the user based on what user they want removed from all groups. Is my syntax wrong? Here's what I have so far.
$User1 = Read-Host -Prompt 'Enter the username of the employee you wish to change'
Get-ADUser -Identity $User1 -Properties memberof |
Select-Object -ExpandProperty memberof |
Remove-ADGroupMember -Identity CISCOVPN, FS-001
Where CISCOVPN and FS-001 are two of the groups I want $User1 removed from. Is there a way to just say remove from all groups?
回答1:
Pipe the groups into Remove-ADGroupMember in a ForEach-Object loop:
Get-ADUser -Identity $User1 -Properties MemberOf | ForEach-Object {
$_.MemberOf | Remove-ADGroupMember -Members $_.DistinguishedName -Confirm:$false
}
回答2:
Get-ADPrincipalGroupMembership $user| foreach {Remove-ADGroupMember $_ -Members $user -
Confirm:$false}
来源:https://stackoverflow.com/questions/44144678/trying-to-remove-user-from-all-groups-in-an-active-directory-using-powershell-sc