widsnet.com
4Nov/110

Remove specific computers from AD groups

Thought i should start to learn some powershell.

Import-Module ActiveDirectory
$cda5Computers = Get-ADComputer -Filter "*" -SearchBase "OU=Clients,DC=domain,DC=com" -Property memberOf
$cda5Computers | ForEach-Object {
    $ProdPakGroups = @()
    $_.memberOf | ForEach-Object {
        If ($_ -like "CN=ProdPak*"){
            $ProdPakGroups += $_
        }
    }
    If ($ProdPakGroups.Length -gt 0){
        Write-Host $_.Name
        Write-Host $ProdPakGroups
        Remove-ADPrincipalGroupMembership -Identity $_ -memberOf $ProdPakGroups -Confirm:$False
    }
}
Filed under: Active Directory, PowerShell Leave a comment
Comments (0) Trackbacks (0)

No comments yet.


Leave a comment

(required)

No trackbacks yet.

» «

Categories

Admin

Login