尝试使用PowerShell脚本从Active Directory中的所有组中删除用户
问题描述:
我正在尝试使用PowerShell脚本根据要从所有组中删除的用户接受用户的输入.我的语法错误吗?这就是我到目前为止所拥有的.
I'm trying to use a PowerShell script to accept input from the user based on what user they want removed from all groups. Is my syntax wrong? Here's what I have so far.
$User1 = Read-Host -Prompt 'Enter the username of the employee you wish to change'
Get-ADUser -Identity $User1 -Properties memberof |
Select-Object -ExpandProperty memberof |
Remove-ADGroupMember -Identity CISCOVPN, FS-001
CISCOVPN和FS-001是我要从中删除$User1的两个组.是否有办法只说从所有组中删除?
Where CISCOVPN and FS-001 are two of the groups I want $User1 removed from. Is there a way to just say remove from all groups?
答
在ForEach-Object循环中将组放入Remove-ADGroupMember:
Get-ADUser -Identity $User1 -Properties MemberOf | ForEach-Object {
$_.MemberOf | Remove-ADGroupMember -Members $_.DistinguishedName -Confirm:$false
}