Solved

Remove old SIDS from multiple AD groups with powershell

Posted on 2016-09-28
2
62 Views
Last Modified: 2016-09-29
Hi EE

I have a list of old SIDS I need to remove from groups but instead of doing one at a time , I wanted to add all the SIDS and groups
to a CSV file and remove them faster ...

I was thinking something like this ... but I need help completing it or if someone already has this .

$sids = import-csv .\RemoveSIDS.csv
Foreach ($sid in $sids) {Set-ADGroup $sids -remove @{SIDHistory=$sid.value} }


What would my CSV file headers be ? how do I reference that in the script ?
one column would have the SID and the other column would be the group name that it needs to remove the SID from .

this does one at a time .
Set-ADGroup <Groupname> -remove @{sidhistory="S-1-5-21-xxxxxxxxx-xxxxxxxxx-xxxxxxxxxx-xxxx"}
0
Comment
Question by:MilesLogan
2 Comments
 
LVL 40

Accepted Solution

by:
Subsun earned 500 total points
ID: 41820799
Try...
Import-csv c:\input.csv | % {Set-ADGroup $_.Group -remove @{sidhistory=$_.Sid}}

Open in new window

Csv format
Group,Sid
GroupA,S-1-5-21-xxxxxxxxx-xxxxxxxxx-xxxxxxxxxx-xxxx
GroupB,S-1-5-21-xxxxxxxxx-xxxxxxxxx-xxxxxxxxxx-xxxx

Open in new window

0
 
LVL 2

Author Closing Comment

by:MilesLogan
ID: 41822790
perfect !
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question