May 30, 2017 at 8:05 am

Hi All,

I am looking to remove user accounts that have been added to the server's local admin group using a script. I have written logic which removes any groups starting with tem* and any locally added admin user accounts starting with admin*. Now I am stuck at implementing logic with which I can remove locally added user accounts. In our company the user accounts are like (hsgd1234, awdf8762, kuuy5223, etc.).

I am using the below code to retrieve the admin group membership

$objGroup = [ADSI]("WinNT://$server/Administrators")
$objGroupMembers = $objGroup.Invoke("Members") | foreach {$_.GetType().InvokeMember("Name", 'GetProperty',$null, $_, $null)}

To remove, for example, any groups starting with tem*, I use the below code.

            if($Member -like "tem*")
            {
             $objRemoveGroup = [ADSI]("WinNT://contoso/$($Member)")
             $objGroup.Invoke("Remove",$objRemoveGroup.PSBase.Path)
            }

Now I need to remove any user accounts that might be added. Our user accounts are 8 characters in length; the first 4 characters are letters and the last 4 are numbers.

Any ideas?

-A

May 30, 2017 at 8:58 am

I think I have figured it out. I used the below code to accomplish it.


            If($Member -match ".\d{4}$")
            {
             $objRemoveGroup = [ADSI]("WinNT://contoso/$Member")
             $objGroup.Invoke("Remove",$objRemoveGroup.PSBase.Path)
            }

May 30, 2017 at 9:43 am

Or even this will work: If($Member -match "[a-z]\d{1,4}$")
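
An added example, not code from any poster in this thread: it compares the two patterns posted above with a fully anchored pattern for the stated format (exactly 4 letters followed by 4 digits), then applies the anchored pattern with a dry-run option. The function name `Remove-LocalAdminUser`, the server name `SERVER01` and the sample member names are assumptions made up for illustration; `contoso` is the domain used in the thread's snippets.

```powershell
# Anchored pattern: the whole name must be exactly 4 letters then 4 digits.
$strict = '^[a-z]{4}\d{4}$'
$loose  = @('.\d{4}$', '[a-z]\d{1,4}$')   # patterns posted in the thread

# Constructed sample names (not real accounts) to compare the patterns.
$samples = 'hsgd1234', 'awdf8762', 'Administrator', 'svc_sql2016', 'backup01', 'tempgrp'
foreach ($name in $samples) {
    [pscustomobject]@{
        Name   = $name
        Strict = $name -match $strict
        Loose1 = $name -match $loose[0]
        Loose2 = $name -match $loose[1]
    }
}
# svc_sql2016 matches both unanchored patterns and backup01 matches the second,
# so either would be removed; only the 8-character IDs match $strict.

function Remove-LocalAdminUser {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Server,
        [string]$Domain  = 'contoso',            # domain from the thread's snippets
        [string]$Pattern = '^[a-z]{4}\d{4}$'
    )
    # Same ADSI calls as in the thread: enumerate member names of the local group.
    $group   = [ADSI]"WinNT://$Server/Administrators"
    $members = $group.Invoke('Members') | ForEach-Object {
        $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
    }
    foreach ($member in $members) {
        if ($member -match $Pattern) {
            # -WhatIf reports the removal without performing it.
            if ($PSCmdlet.ShouldProcess("$Server\Administrators", "Remove $Domain\$member")) {
                $entry = [ADSI]"WinNT://$Domain/$member"
                $group.Invoke('Remove', $entry.PSBase.Path)
            }
        }
    }
}

# Dry run against a placeholder server name; nothing is changed:
# Remove-LocalAdminUser -Server 'SERVER01' -WhatIf
```

Running with `-WhatIf` first and keeping its output gives a record of which memberships were removed, which is useful if a service account has to be restored later.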