大家好,我有这个
function Invoke-AdDesktopGGroup {
[CmdletBinding(SupportsShouldProcess)]
param($ADGroup)
#$OUPath = "OU=SCPA,DC=souche,DC=ban"
$user = Get-ADUser -SearchBase "OU=SCPA,DC=soucy,DC=lan" -Filter * -Properties MemberOf
$user | foreach {
if ($PSCmdlet.ShouldProcess($_.Name, 'Remove Group')) {
$_ | Remove-ADGroupMember -Members $_ -Confirm $false
}
}
}
我所寻求的是删除SCPA OU中具有名为Desktop Global的组的每个用户我为此编写的命令如下调用addesktopggroup -ADGroup 'Desktop Global' -Whatif
你们能帮我一下吗,我有点卡住了。
就像这样?
function Invoke-AdDesktopGroup {
[CmdletBinding(SupportsShouldProcess)]
Param(
[Parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true)]
[string[]]$ADGroup
)
Begin {
$ADGroup_Splat = @{
SearchBase = 'OU=SCPA,DC=soucy,DC=lan'
Filter = '*'
Properties = 'MemberOf'
}
$ADUsers = Get-ADUser @ADGroup_Splat
}
Process{
# Remove-ADGroupMember -Identity $ADGroup -Members $ADUsers -Confirm:$false # I believe this is all you would need instead of a foreach loop
foreach ($User in $ADUsers) {
if ($PSCmdlet.ShouldProcess($User.Name, 'Remove Group')) {
Remove-ADGroupMember -Identity $ADGroup -Members $User.Name -Confirm:$false
}
}
}
}
我没有任何用户可以测试,但它应该可以工作。注意内联注释;我相信在看了Remove-ADGroupMember的语法之后,它可以接受一组用户。
谢谢你的帮助,我能让它像这样工作
function Invoke-AdDesktopGroup {
[CmdletBinding(SupportsShouldProcess)]
Param($ADGroup)
Begin {
$ADGroup_Splat = @{
SearchBase = 'OU=SCPA,DC=soucy,DC=lan'
Filter = '*'
Properties = 'MemberOf'
}
$ADUsers = Get-ADGroupMember -Identity $ADGroup
}
Process{
foreach ($User in $ADUsers) {
if ($PSCmdlet.ShouldProcess($User.Name, 'Remove Group')) {
Remove-ADGroupMember -Identity $ADGroup -Members $User.Name -Confirm:$false
}
}
}
}
似乎你给我的参数不起作用。Powershell无法将字符串参数转换为活动目录参数。但不管怎样,我还是能通过你的输入使它工作。非常感谢!