Powershell Automation - Remove all AD Groups (Minus Domain Users) from all Users in the Disabled OU

Isaias Perez
Isaias Perez used Ask the Experts™
I am looking to create a script that will take all users from the disabled OU  and remove all AD group memberships minus domain users so that it doesnt throw an error.
Would this work?

$OUpath = "OU=Disabled,OU=Users,OU=Park_Users_and_Groups,DC=park,DC=net"
$disbaledUsers = Get-ADUser -Filter * -SearchBase $OUpath

foreach ($disableduser in $disabledusers)
{

Remove-ADGroupMember -Identity *


}

Open in new window

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2018
Distinguished Expert 2018
This should do the trick:
$OUpath = "OU=Disabled,OU=Users,OU=Park_Users_and_Groups,DC=park,DC=net"
Get-ADUser -Filter * -Property memberOf -SearchBase $OUpath | ForEach-Object {
	Write-Host "Processing $($_.SamAccountName)"
	If ($_.memberOf) {
		Remove-ADPrincipalGroupMembership -Identity $_ -MemberOf $_.memberOf -Confirm:$false
	}
}

Open in new window

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial