

PowerShell : Remove all group memberships of every user in an OU

Posted on 2012-08-27
Medium Priority
Last Modified: 2012-08-28
I'd like to have a PowerShell script that I can give a base OU and have the script walk through every user in that OU and remove every group from each member in that OU. The end result would be that I would have an OU full of users which are a part of no security groups. Thank you in advance!

Question by:ssd-tech
LVL 37

Accepted Solution

Jamie McKillop earned 2000 total points
ID: 38339292

You need the free Quest cmdlets to run this script. This script will remove membership in all groups, including distribution groups. It is a little more complicated to exclude distribution groups, but if you need to do that I can modify the script. You need to enter the OU in the format: 'OU=users,DC=domain,DC=com'

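$OU = Read-Host "Enter OU:"                          # base OU as a distinguished name
$Users = Get-QADUser -SizeLimit 0 -SearchRoot $OU    # -SizeLimit 0 returns all users under the OU
foreach ($user in $Users) {
	Remove-QADMemberOf -Identity $user.dn -RemoveAll   # drop every group membership for this user
}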


Author Closing Comment

ID: 38341468
This was EXACTLY what I was looking for. Thank you!
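
The same task with the security-group-only variant the answer mentions, as an added example that is not part of the original thread. It uses Microsoft's ActiveDirectory module rather than the Quest cmdlets, records every membership to a CSV before removing anything so the change can be audited or reversed, and supports -WhatIf; the script layout, the $BackupCsv parameter and its default file name are assumptions.

```powershell
#Requires -Modules ActiveDirectory
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    # Base OU as a distinguished name, e.g. 'OU=users,DC=domain,DC=com'
    [Parameter(Mandatory = $true)][string]$OU,
    # Assumed location for the pre-change membership record
    [string]$BackupCsv = ".\group-memberships-$(Get-Date -Format yyyyMMdd-HHmmss).csv"
)

# PrimaryGroup is requested so it can be skipped below: a user cannot be
# removed from the primary group (normally Domain Users).
$users = Get-ADUser -Filter * -SearchBase $OU -Properties PrimaryGroup

# Build one row per (user, security group) pair; distribution groups are left alone.
$plan = @(foreach ($user in $users) {
    Get-ADPrincipalGroupMembership -Identity $user |
        Where-Object {
            $_.GroupCategory -eq 'Security' -and
            $_.DistinguishedName -ne $user.PrimaryGroup
        } |
        ForEach-Object {
            [pscustomobject]@{
                SamAccountName = $user.SamAccountName
                UserDN         = $user.DistinguishedName
                GroupDN        = $_.DistinguishedName
                GroupScope     = $_.GroupScope
            }
        }
})

# Write the record first, even on a -WhatIf run, so the plan can be reviewed.
$plan | Export-Csv -Path $BackupCsv -NoTypeInformation -WhatIf:$false
Write-Verbose "Recorded $($plan.Count) memberships to $BackupCsv"

foreach ($row in $plan) {
    if ($PSCmdlet.ShouldProcess($row.GroupDN, "Remove member $($row.SamAccountName)")) {
        try {
            Remove-ADGroupMember -Identity $row.GroupDN -Members $row.UserDN `
                -Confirm:$false -ErrorAction Stop
        }
        catch {
            # Keep going; one protected or cross-domain group should not stop the run.
            Write-Warning "Could not remove $($row.SamAccountName) from $($row.GroupDN): $_"
        }
    }
}
```

Run it once with -WhatIf and review the CSV before running it for real; each row holds the user and group distinguished names needed to restore a membership with Add-ADGroupMember.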

