Removing non admin accounts from server admin group

This topic contains 2 replies, has 1 voice, and was last updated by  Ali Hassan 2 months, 2 weeks ago.

  • Author
    Posts
  • #71680

    Ali Hassan
    Participant

    Hi All,

    I am looking to remove user accounts that have been added in to server local admin group using a script. I have written logic which removes any groups starting with tem* and any locally added admin user accounts starting with admin*. Now I am stuck at implemeneting a logic in which I can remove locally added user accounts. In our company the user accounts are like (hsgd1234,awdf8762,kuuy5223 etc etc).

    I am using the below code to retrieve the admin group membership

    $objGroup = [ADSI]("WinNT://$server/Administrators")
    $objGroupMembers = $objGroup.Invoke("Members") | foreach {$_.GetType().InvokeMember("Name", 'GetProperty',$null, $_, $null)}
    

    To remove for example any groups starting with tem* i use the below code.

    
    
                if($Member -like "tem*")
                
                {
                     
                 $objRemoveGroup = [ADSI]("WinNT://contoso/$($Member)")
                 $objGroup.Invoke("Remove",$objRemoveGroup.PSBase.Path) 
                 
                }
    
    

    Now i need to remove any user accounts that might be added. Our user accounts are 8 characters in length and the first 4 characters are alphabets and the last 4 are numbers.

    Any ideas?

    -A

  • #71681

    Ali Hassan
    Participant

    I think I have figured it out. I used the below code to accomplish it.

    
    
                If($Member -match ".\d{4}$")
                {
                 
                   
                 $objRemoveGroup = [ADSI]("WinNT://contoso/$Member")
                 $objGroup.Invoke("Remove",$objRemoveGroup.PSBase.Path)
                     
    
                 } 
    
  • #71683

    Ali Hassan
    Participant

    Or even this will work "If($Member -match "[a-z]\d{1,4}$")"

You must be logged in to reply to this topic.