Solved

Remove groups from user objects in a specific OU folder in active directory.

Posted on 2015-02-13
3
110 Views
Last Modified: 2015-02-19
I need to create a power shell script that will remove all the groups from a user object, except the Domain User group. I found this sample and made the changes needed to point to the OU folder that will contain the users that need the groups removed from them.

Import-Module activedirectory
$ou = Get‐ADUser ‐SearchBase "OU=Disabled Users,DC=LABDOMAIN,DC=COM" ‐Filter *
foreach ($user in $ou) {
$UserDN = $user.DistinguishedName
Get‐ADGroup ‐LDAPFilter "(member=$UserDN)" | foreach‐object {
if ($_.name -ne "Domain Users") {remove‐adgroupmember ‐identity $_.name ‐member $UserDN ‐Confirm:$False} }
}

When I run the script, I receive the errors below.
Get‐ADUser : The term 'Get‐ADUser' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path
was included, verify that the path is correct and try again.
At C:\Users\Administrator\Desktop\User Object Cleanup.ps1:2 char:7
+ $ou = Get‐ADUser ‐SearchBase "OU=Disabled Users,DC=LABDOMAIN,DC=COM" ‐Filter *
+       ~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (Get‐ADUser:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

Any ideas?
0
Comment
Question by:Domenic DiPasquale
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 40608327
Get‐ADUser : The term 'Get‐ADUser' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path

This is because the activedirectory module did not import before running the script.

You can run get-module and it will display all of the modules that are currently installed on the server.

What you could do is just try typing import-module activedirectory first.

then try your script.

If you are running this from a workstation you will need to have RSAT (remote server admin tools) installed to get access to the AD cmdlets in the module.

Will.
0
 

Author Comment

by:Domenic DiPasquale
ID: 40608336
I found my issue. "-member" was missing an "s" at the end. I have "Import-Module activedirectory" in front of the code, which should enable the use of Get-ADUser. I decided to re-write the code using the PowerShell ISE to make sure the syntax was entered properly.
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40608459
Get‐ADUser : The term 'Get‐ADUser' is not recognized as the name of a cmdlet
You get this error message specifically when the module is not imported into the powershell session.

Will.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question