Solved

Remove an AD group from multiple servers

Posted on 2015-02-12
2
237 Views
Last Modified: 2015-02-12
Hi EE

I have the script below that someone here helped me with to nest a Domain group into the Administrators group into multiple machines .. Would it be as easy as changing ".add" to .remove ? I tried it and it worked but I don't want to run it on 100 servers without confirmation from the experts .

$ErrorActionPreference = "Stop"
GC Servers.txt | %{
$Serv = $_
$domain="MyDomain"
$group = "GroupName"
        Try {
        ([adsi]"WinNT://$Serv/Administrators,group").Add("WinNT://$domain/$group,group")
        "" | Select @{N="Server";e={$Serv}},@{N="Status";e={"Success"}}
        }
        Catch{
        "" | Select @{N="Server";e={$Serv}},@{N="Status";e={"Failed"}}
        }
}
0
Comment
Question by:MilesLogan
2 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 40607038
I have tried this in my lab and it also worked for me. The script looks fine in regards to this as well. Also why are you using a script to add groups to local groups on machines? You can do this very easily via GPO. Create a security group add all of the machines to it and use this group for security filtering on the GPO.

When you want to add or remove a group from this you just remove/add them to the security group in question.

Will.
0
 
LVL 2

Author Closing Comment

by:MilesLogan
ID: 40607132
Thanks for checking Will .. yeah GPO was not an option , too many variables .. it was just a quick temporary fix .
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question