大家好,我有这个
function Invoke-AdDesktopGGroup {
[CmdletBinding(SupportsShouldProcess)]
param($ADGroup)
#$OUPath = "OU=SCPA,DC=souche,DC=ban"
$user = Get-ADUser -SearchBase "OU=SCPA,DC=soucy,DC=lan" -Filter * -Properties MemberOf
$user | foreach {
if ($PSCmdlet.ShouldProcess($_.Name, 'Remove Group')) {
$_ | Remove-ADGroupMember -Members $_ -Confirm $false
}
}
}
我寻求的是删除 SCPA OU 中拥有名为 Desktop Global 的组的每个用户我为此编写的命令如下 Invoke-AdDesktopGGroup -ADGroup 'Desktop Global' -Whatif
你们能帮我吗,我有点卡住了。
那么,像这样的事情?
function Invoke-AdDesktopGroup {
[CmdletBinding(SupportsShouldProcess)]
Param(
[Parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true)]
[string[]]$ADGroup
)
Begin {
$ADGroup_Splat = @{
SearchBase = 'OU=SCPA,DC=soucy,DC=lan'
Filter = '*'
Properties = 'MemberOf'
}
$ADUsers = Get-ADUser @ADGroup_Splat
}
Process{
# Remove-ADGroupMember -Identity $ADGroup -Members $ADUsers -Confirm:$false # I believe this is all you would need instead of a foreach loop
foreach ($User in $ADUsers) {
if ($PSCmdlet.ShouldProcess($User.Name, 'Remove Group')) {
Remove-ADGroupMember -Identity $ADGroup -Members $User.Name -Confirm:$false
}
}
}
}
我没有任何用户可以对此进行测试,但它应该可以工作。注意内联注释;我相信在查看Remove-ADGroupMember.
感谢您的帮助,我能够让它像这样工作
function Invoke-AdDesktopGroup {
[CmdletBinding(SupportsShouldProcess)]
Param($ADGroup)
Begin {
$ADGroup_Splat = @{
SearchBase = 'OU=SCPA,DC=soucy,DC=lan'
Filter = '*'
Properties = 'MemberOf'
}
$ADUsers = Get-ADGroupMember -Identity $ADGroup
}
Process{
foreach ($User in $ADUsers) {
if ($PSCmdlet.ShouldProcess($User.Name, 'Remove Group')) {
Remove-ADGroupMember -Identity $ADGroup -Members $User.Name -Confirm:$false
}
}
}
}
好像你给我的参数不起作用。Powershell 无法将字符串参数转换为 Active Directory 参数。但不管怎样,我还是能够通过您的输入让它发挥作用。非常感谢!