Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Remove an AD group from multiple servers

Posted on 2015-02-12
2
Medium Priority
?
269 Views
Last Modified: 2015-02-12
Hi EE

I have the script below that someone here helped me with to nest a Domain group into the Administrators group into multiple machines .. Would it be as easy as changing ".add" to .remove ? I tried it and it worked but I don't want to run it on 100 servers without confirmation from the experts .

$ErrorActionPreference = "Stop"
GC Servers.txt | %{
$Serv = $_
$domain="MyDomain"
$group = "GroupName"
        Try {
        ([adsi]"WinNT://$Serv/Administrators,group").Add("WinNT://$domain/$group,group")
        "" | Select @{N="Server";e={$Serv}},@{N="Status";e={"Success"}}
        }
        Catch{
        "" | Select @{N="Server";e={$Serv}},@{N="Status";e={"Failed"}}
        }
}
0
Comment
Question by:MilesLogan
2 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 2000 total points
ID: 40607038
I have tried this in my lab and it also worked for me. The script looks fine in regards to this as well. Also why are you using a script to add groups to local groups on machines? You can do this very easily via GPO. Create a security group add all of the machines to it and use this group for security filtering on the GPO.

When you want to add or remove a group from this you just remove/add them to the security group in question.

Will.
0
 
LVL 2

Author Closing Comment

by:MilesLogan
ID: 40607132
Thanks for checking Will .. yeah GPO was not an option , too many variables .. it was just a quick temporary fix .
0

Featured Post

WatchGuard Case Study: NCR

With business operations for thousands of customers largely depending on the internal systems they support, NCR can’t afford to waste time or money on security products that are anything less than exceptional. That’s why they chose WatchGuard.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
A walk-through example of how to obtain and apply new DID phone numbers to your cloud PBX enabled users that are configured in Office 365. Whether you have 1, 10 or 100+ users in your tenant, it's quite easy to get them phone-enabled and making/rece…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question