我有两组;组A和组B.如果用户是组B的一部分,那么我想从组A中删除它们。这是因为组是互斥的。
我找到了一些脚本可以从组中删除用户,但不会在用户属于另一个组的情况下删除。
有人可以帮忙吗?
答案 0 :(得分:0)
试试这个:
$user = "TestUser"
$groupA = Get-ADGroupMember -Identity "Group A" -Recursive | Select -ExpandProperty Name
$groupB = Get-ADGroupMember -Identity "Group B" -Recursive | Select -ExpandProperty Name
If (($groupA -contains $user) -and ($groupB -contains $user)) {
Write-Host "$user is a member of groupA and groupB"
Remove-ADGroupMember -Identity "Group B" -Member $user
}
答案 1 :(得分:0)
这将遍历B组的所有成员,并且(如果他们是成员)将其从A组中删除。
# Get all members of the GroupB.
Foreach ($User In Get-ADGroupMember -Identity "Group B")
{
# If they are a 'MemberOf' GroupA
If ((Get-ADUser $User.SamAccountName -Properties MemberOf).MemberOf -Contains "Group A")
{
# Remove that user from GroupA
Remove-ADGroupMember -Identity "Group A" -Members $User.SamAccountName
}
}