Removing non admin accounts from server admin group


This topic contains 2 replies, has 1 voice, and was last updated by Participant 1 year, 5 months ago.

  • #71680

    Participant
    Points: 0
    Rank: Member

    Hi All,

    I am looking to remove user accounts that have been added to the server local admin group using a script. I have written logic which removes any groups starting with tem* and any locally added admin user accounts starting with admin*. Now I am stuck at implementing logic with which I can remove locally added user accounts. In our company the user accounts are like (hsgd1234, awdf8762, kuuy5223, etc.).

    I am using the below code to retrieve the admin group membership:

    $objGroup = [ADSI]("WinNT://$server/Administrators")
    $objGroupMembers = $objGroup.Invoke("Members") | foreach {$_.GetType().InvokeMember("Name", 'GetProperty',$null, $_, $null)}
    

    To remove, for example, any groups starting with tem*, I use the below code.

    
    
    if ($Member -like "tem*")
    {
        $objRemoveGroup = [ADSI]("WinNT://contoso/$($Member)")
        $objGroup.Invoke("Remove", $objRemoveGroup.PSBase.Path)
    }
    
    

    Now I need to remove any user accounts that might be added. Our user accounts are 8 characters in length; the first 4 characters are alphabets and the last 4 are numbers.

    Any ideas?

    -A

  • #71681

    Participant
    Points: 0
    Rank: Member

    I think I have figured it out. I used the below code to accomplish it.

    
    
    If ($Member -match ".\d{4}$")
    {
        $objRemoveGroup = [ADSI]("WinNT://contoso/$Member")
        $objGroup.Invoke("Remove", $objRemoveGroup.PSBase.Path)
    }
    
  • #71683

    Participant
    Points: 0
    Rank: Member

    Or even this will work "If($Member -match "[a-z]\d{1,4}$")"

The topic ‘Removing non admin accounts from server admin group’ is closed to new replies.
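
Added example, not code from any of the posts above: neither pattern in the replies is anchored at the start of the name, so both also match longer names that merely end in digits. The sketch below compares them with a whole-name pattern for the 4-letter + 4-digit format on constructed sample names, then wraps the removal in a function that only reports unless `-Apply` is given. `$UserPattern`, both function names, `SERVER01` and the sample member names are assumptions.

```powershell
# Added example. $UserPattern, both function names and the sample
# member names are assumptions, not taken from the thread.
$UserPattern = '^[a-z]{4}[0-9]{4}$'   # whole name: 4 letters, then 4 digits

function Test-StandardUserName {
    param([string]$Name)
    # -match ignores case by default, so HSGD1234 qualifies as well
    $Name -match $UserPattern
}

# Constructed sample membership, so the comparison runs without a server
$sample = 'Administrator', 'Domain Admins', 'admin_jdoe', 'temp_ops',
          'hsgd1234', 'awdf8762', 'svc_backup2019', 'sqlnode0042'

$row = '{0,-16} {1,-10} {2,-14} {3}'
$row -f 'Member', '.\d{4}$', '[a-z]\d{1,4}$', 'anchored'
foreach ($n in $sample) {
    $row -f $n, ($n -match '.\d{4}$'), ($n -match '[a-z]\d{1,4}$'),
        (Test-StandardUserName $n)
}

function Remove-StandardUserFromAdmins {
    param([string]$Server = $env:COMPUTERNAME, [switch]$Apply)
    $group = [ADSI]"WinNT://$Server/Administrators"
    $group.Invoke('Members') | ForEach-Object {
        $t    = $_.GetType()
        $name = $t.InvokeMember('Name',    'GetProperty', $null, $_, $null)
        $path = $t.InvokeMember('ADsPath', 'GetProperty', $null, $_, $null)
        if (Test-StandardUserName $name) {
            # Remove by the member's own ADsPath, not a rebuilt domain path
            if ($Apply) { $group.Invoke('Remove', $path) }
            [pscustomobject]@{
                Name = $name; Path = $path; Removed = $Apply.IsPresent
            }
        }
    }
}

# Report only; add -Apply once the list has been reviewed:
# Remove-StandardUserFromAdmins -Server 'SERVER01'
```

In the comparison table, the constructed names `svc_backup2019` and `sqlnode0042` match both unanchored patterns but not the anchored one.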