Author Posts

May 30, 2017 at 8:05 am

Hi All,

I am looking to remove user accounts that have been added in to server local admin group using a script. I have written logic which removes any groups starting with tem* and any locally added admin user accounts starting with admin*. Now I am stuck at implemeneting a logic in which I can remove locally added user accounts. In our company the user accounts are like (hsgd1234,awdf8762,kuuy5223 etc etc).

I am using the below code to retrieve the admin group membership

$objGroup = [ADSI]("WinNT://$server/Administrators")
$objGroupMembers = $objGroup.Invoke("Members") | foreach {$_.GetType().InvokeMember("Name", 'GetProperty',$null, $_, $null)}

To remove for example any groups starting with tem* i use the below code.

            if($Member -like "tem*")
             $objRemoveGroup = [ADSI]("WinNT://contoso/$($Member)")

Now i need to remove any user accounts that might be added. Our user accounts are 8 characters in length and the first 4 characters are alphabets and the last 4 are numbers.

Any ideas?


May 30, 2017 at 8:58 am

I think I have figured it out. I used the below code to accomplish it.

            If($Member -match ".\d{4}$")
             $objRemoveGroup = [ADSI]("WinNT://contoso/$Member")


May 30, 2017 at 9:43 am

Or even this will work "If($Member -match "[a-z]\d{1,4}$")"