Remove all members from a group

Do you need to remove all members from a group

$ou = "OU=BlogTests,DC=Manticore,DC=org"            
            
"`nMicrosoft"            
$group = "GroupUnvlSecA"            
Get-ADGroupMember -Identity $group |            
Remove-ADPrincipalGroupMembership -MemberOf $group -Confirm:$false            
            
            
"`nAD provider"            
$group = "GroupUnvlSecB"            
$ou = "OU=TestGroups,DC=Manticore,DC=org"            
            
$members = @()            
Set-ItemProperty -Path ad:\"cn=$group,$ou" -Name member -Value $members -Force            
            
"`nQuest"            
$group = "GroupUnvlSecC"            
Get-QADGroupMember -Identity $group |             
Remove-QADGroupMember -Identity $group            
            
            
"`nScript"            
$group = "GroupUnvlSecD"            
$ge = [adsi]"LDAP://cn=$group,$ou"            
            
$ge.member |            
foreach {            
  $ge.Remove("LDAP://$($_)")             
}


The Microsoft cmdlet and provider will moan about insufficient privileges if you get the syntax wrong



For the Microsoft cmdlet we can pipe the group membership into Remove-ADPrincipalGroupMembership. Notice the use of –Confirm.  if you don’t use that you will be asked to confirm every deletion.



The Quest cmdlet is a simple get | remove operation



The provider treats the members as an array so we can use an empty array to overwrite the memebrship



The script iterates through the members and uses the Remove() method to delete members

Leave a Reply