Get-ADPrincipalGroupMembership question

wayne-peloquin · May 6, 2015, 6:37am

Hello all,

First thanks for taking the time to read this.

I would like to modify this script to remove all of an AD users group memberships but exclude deleting 2 groups 1st named “Archive” and 2nd named “domain Users”.

Is this possible?

Get-ADPrincipalGroupMembership -Identity $User | % {Remove-ADPrincipalGroupMembership -Identity $User -MemberOf $_ -Confirm:$False}

thanks,
Wayne

rob-simmers · May 6, 2015, 7:06am

Yup:

Get-ADPrincipalGroupMembership -Identity $User |  Where{$_.Name -ne "Archive" -or $_.Name -ne "Domain Users"} | foreach {Remove-ADPrincipalGroupMembership -Identity $User -MemberOf $_ -Confirm:$False -WhatIf}

Added a -WhatIf to Remove-ADPrincipalGroupMembership to make sure you are actually deleting what you expect.

wayne-peloquin · May 6, 2015, 7:48am

Thanks Rob! I tested this this morning and it seems to not like the -or so I tried an -and

that seemed to work

You made my life a whole lot easier. thank you!

Topic		Replies	Views
Remove ADGroupMember except domain users and others PowerShell Help	8	157	December 9, 2016
Remove OU Member from Groups PowerShell Help	0	193	December 31, 2011
remove Users from All ad groups except 2 PowerShell Help	4	194	January 28, 2020
Deleting Users from Groups PowerShell Help	0	117	December 31, 2011
Script to remove a group of users from AD Group PowerShell Help	8	192	November 25, 2018

Get-ADPrincipalGroupMembership question

Related Topics