8 August, 2017

How to remove users from AD groups using PowerShell

I recently cleaned up permissions on our AD, and found that working methodically though the Department/Company attributes first paid dividends in removing extraneous groups that users had access to:

$group = 'GroupToBeCleaned'
$users = Get-ADGroupMember $group | Get-ADUser -Properties * | ? { $_.company -Like "*Contractor*"}
foreach ($user in $users){
    Remove-ADGroupMember -Identity $group -Members $user -Confirm:$false
}
Tagged: