We help IT Professionals succeed at work.

Powershel lto remove users from group

gd6627
gd6627 asked
on
149 Views
Last Modified: 2018-12-14
I have a csv of  user samaccountnames . I need to run this list against a group to remove these users from that group using powershell
Comment
Watch Question

Jason CrawfordTransport Ninja
CERTIFIED EXPERT

Commented:
Your .csv file should contain one column entitled 'Member'.  Save it on the desktop of a Domain Controller and name it users.csv.  You can label the column whatever you want but I'm going with 'Member' for the script.  Each row under the Member column should contain a single sAMAccountname.  Replace "<insert group sAMAccountName" (including brackets) with the AD group's sAMAccountName:

Import-Module activedirectory
$group = <insert group sAMAccountName>

Import-Csv "$env:USERPROFILE\Desktop\users.csv" | ForEach-Object {
  Remove-ADGroupMember -Identity $group -Members $_.member -Confirm $false
}

Open in new window

David Johnson, CDSimple Geek from the '70s
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Import-Module ActiveDirectory -ErrorAction Stop
$groupname = 'MyGroup'
$count = (Get-ADGroupMember -Identity $groupname).count
Write-Output ("{0} Currently has {1} members" -f $groupname,$count)
$members = Import-Csv -Path C:\scripts\toremove.csv 
Remove-ADGroupMember -Identity $groupname -Members $members.samaccountname -Confirm:$false

$count = (Get-ADGroupMember -Identity $groupname).count
Write-Output ("{0} Currently has {1} members" -f $groupname,$count)

Open in new window

Author

Commented:
Hi David does your script remove the user from group as well or just display a count?

Author

Commented:
Jason where do I define the group name?

Author

Commented:
Jason,
This is what I did but its not working for me
Import-Module activedirectory
$group = 'test group'

Import-Csv "$env:c:\RemovefrmMDM.csv" | ForEach-Object {
  Remove-ADGroupMember -Identity $group -Members $_.sAmaccountname -Confirm $false
}

my csv file has a header of samaccountname.
I placed the name of the group in single quotes
not sure about the $env: line that's where my csv file is located
Jason CrawfordTransport Ninja
CERTIFIED EXPERT

Commented:
Don't change the $env:USERPROFILE variable.  It's a global variable in PowerShell that points to your Windows profile path.  If you don't want to use the variable just type the entire path to wherever you saved the .csv file.  For instance:

c:\users\gd6627\desktop\removefrmmdm.csv

Is the same as:

$env:USERPROFILE\Desktop\RemovefrmMDM.csv

Author

Commented:
How about the where yo uhave the <> do I remove those I place the name of the group
Jason CrawfordTransport Ninja
CERTIFIED EXPERT

Commented:
Yes you should remove the < >.  They were just meant as a placeholder...I guess I need to find a different way of indicating that since you're not the first person to mention it.

Author

Commented:
Am getting this prompt every time heres what I have

Import-Module activedirectory
$group = 'mdm-ems-license-pilot' group sAMAccountName

Import-Csv "c:\RemoveFrmMDM.csv" | ForEach-Object {
  Remove-ADGroupMember -Identity $group -Members $_.member
}
Jason CrawfordTransport Ninja
CERTIFIED EXPERT

Commented:
Here let's just remove the unnecessary confusion from the script:

Import-Module activedirectory
Import-Csv "c:\RemoveFrmMDM.csv" | ForEach-Object {
  Remove-ADGroupMember -Identity 'mdm-ems-license-pilot' -Members $_.member 
}

Open in new window

David Johnson, CDSimple Geek from the '70s
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
my script does a count of the users in the group before and after the remove operation
to stop the prompts use the parameter -confirm:$false

Author

Commented:
Jason after running your revise version I get this
Remove-ADGroupMember : Cannot validate argument on parameter 'Members'. The argument is null or empty. Supply an argument that is not null or empty and then try the command again.
At E:\PSSCRIPTS\ADTemplates\GroupScripts\RemovefromGroups\Remove users from group.ps1:15 char:66
+   Remove-ADGroupMember -Identity 'mdm-ems-license-pilot' -Members <<<<  $_.member
    + CategoryInfo          : InvalidData: (:) [Remove-ADGroupMember], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.RemoveADGroupMember
Transport Ninja
CERTIFIED EXPERT
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Author

Commented:
Thanks for your help
Jason CrawfordTransport Ninja
CERTIFIED EXPERT

Commented:
Glad I could help.  Take care :)
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.