Reputation: 1
Remove Disabled Accounts from all Groups that begin with “Group-”
I am trying to Remove all Disabled Accounts from all Groups that begin with Group-. We have several Distribution groups that begin with Groups- for example Groups-users-internal, groups-users-external and many more.
I have a script but I get the message:
Remove-ADGroup : A positional parameter cannot be found that accepts argument '(name=Groups-sites-*)'.
At line:1 char:139
+ Get-ADGroup -LDAPFilter “(name=Groups-sites-*)” | Get-ADGroupMember | Get-ADUser ...
so far my script is as follows Please help
Get-ADGroup -LDAPFilter “(name=Groups-sites-*)” | Get-ADGroupMember | Get-ADUser | Where-Object {$_.Enabled -eq $False} |
ForEach-Object {Remove-ADGroup -Identity -LDAPFilter “(name=Groups-sites-*)” -Members $ -Confirm:$False}
Upvotes: 1
Views: 1613
Answers (1)
Reputation: 118
I will reply based on my experience with PoSh version 3:
To begin with, there is a slight syntax error in your code. At char 139 you have {Remove-ADGroup.. The correct syntax is 'Remove-ADGroupMember'.
Remove-ADGroupMember does not have a -ldapfilter switch. In this case, you will have to split your code up into a few lines as you will need to 'get' each object and 'process' each object consecutively or one item at a time.
# Using -whatif switch. ** Remove whatif switch only when happy with desired result.
# Assumptions - all group members are users. Use Try{}Catch{} to handle errors.
#
# Collect all groups into array
$groups = (Get-ADGroup -LDAPFilter "(name=Group-*)").name
# Process each group one at a time
ForEach($group in $groups){
# Get all members
$members=Get-ADGroupMember -Identity $group;
# Process disabled accounts for removal
$members | ForEach{
If($_.enabled -eq $false){
#Output member to be removed to screen
$_ | Select Name,SAMAccountName,Enabled;
#Remove disabled member from group
Remove-ADGroupMember -identity $group -Members $_.samaccountname -confirm:$false -whatif
}
} # Next Member
} # Next Group
Upvotes: 2
Related Questions
- PowerShell Remove all users from a specific group
- How to remove All Groups with Exceptions by using Powershell?
- find members of groups excluding disabled users
- Trying to remove user from all groups in an Active Directory using PowerShell script
- Using Powershell to remove a user from a list of groups
- Remove users from AD group using Powershell
- Powershell remove users from group
- PowerShell: How can I delete a security group on a server?
- Powershell 2.0 - Remove Group Membership for List of Disabled Accounts
- icacls remove all groups from ACL