Remove OU Member from Groups

by pumabaer at 2013-04-30 14:29:25

Q: I wan´t to remove all Members of a OU from all Groups they are Member of.
I tried this:
$User = Get-ADUser -Filter * -Searchbase "OU=test,OU=testtest,OU=test,DC=test,DC=test"
Get-ADPrincipalGroupMembership $User| % {Remove-ADPrincipalGroupMembership $User -Confirm:0 -MemberOf $_}

Can anybody help me to find out what is wrong.

by MasterOfTheHat at 2013-05-01 08:49:15
Assuming there is more than one user in your search base, the $User variable is going to be an array of users and not a single user. You need to pass a single user as the -Identity parameter of the Get-ADPrincipalGroupMembership, though. You’ll need to loop through all of the users in $Users and run the Get-ADPrincipalGroupMembership cmdlet for each.

I haven’t tested this, but try something like:
$Users = Get-ADUser -Filter * -Searchbase "OU=test,OU=testtest,OU=test,DC=test,DC=test"

foreach ($user in $Users) {
$groups = Get-ADPrincipalGroupMembership $user
foreach ($group in $groups) {
Remove-ADPrincipalGroupMembership $user -Confirm:0 -MemberOf $group
by pumabaer at 2013-05-01 11:36:07
your Answer solved my Problem/Question.

