Hi, I'm fairly new to powershell and I'm looking for help on a powershell script to remove all AD group membership from a computer. So anything under the Member of tab in AD for that computer. Please note I do not plan on using the dell quest cmdlets. Thanks for any help in advance.
# The computer you want to remove
$server = 'Server1'
# The computer DN
$computerDN = Get-ADComputer -Identity $server | select -expandproperty DistinguishedName
# The list of groups in the member of attribute
$groupDN = Get-ADComputer -Identity $server -Properties MemberOf| select -expandproperty MemberOf
# go through the list
foreach($g in $groupDN)
# If you want to suppress confirmation add -Confirm:$false to the line below
Remove-ADGroupMember -Identity "$g" -Member "$computerDN"
Disclaimer: works in my lab, so test it first before using.
Edit: You need the powershell RSAT tools for Active Directory installed to use the Get-ADComputer, Remove-ADgroupmember
Edit2: Forgot to mention that the above will not remove the group that is set as the Primary AD group for the computer, usually this is "Domain Computers"