Script repository
The script removes object from all groups whose name starts with a specific value. To execute the script, create a business rule, custom command or scheduled task configured for the required obejct type.
Parameters
$groupNameStartsWith- Specifies the value group names should start with.$pipelined- set to$trueto remove from groups through Adaxes pipeline to create log records, apply business rules, security roles, etc. Set to$falseto perform group membership update directly in AD (Adaxes functionality will not be applied).
$groupNameStartsWith = "ABC-" # TODO: modify me
$pipelined = $True # TODO: modify me
# Get direct group membership.
$directGroupGuidsBytes = $Context.TargetObject.GetEx("adm-MemberOfGuid")
# Search parameters
$searcher = $Context.CreateGuidBasedSearcher($directGroupGuidsBytes)
$searcher.Criteria = New-AdmCriteria "group" -Expression {cn -startsWith $groupNameStartsWith}
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
try
{
# Execute search.
$searchIterator = $searcher.ExecuteSearch()
$searchResults = $searchIterator.FetchAll()
# Remove target object from greoups.
foreach ($searchResult in $searchResults)
{
$group = $Context.BindToObjectBySearchResultEx($searchResult, $pipelined)
$group.Remove($Context.TargetObject.AdsPath)
}
}
finally
{
# Release resources
if ($searchIterator){ $searchIterator.Dispose() }
}
Comments 0
You must be signed in to comment.