#Created By - Abhishek Bansal
<#Read Me !!
1. Script Usage - Removing Members (Users & Groups ) mentioned in Input.txt from AD Group.
2. Incase of Access Denied, run ISE as Administrator & make sure account used should have sufficient rights to remove User id from AD Group.
For using it on any other server, just copy the entire folder, edit .ps1 into PS ISE & run it. #>
$grp = Read-Host "Enter AD Group Name = "
Get-ADGroupMember -Identity $grp | Select Name,Samaccountname | Export-Csv ./BeforeRemoval_Membership_$grp.csv -NoTypeInformation -Append
$users = Get-Content .\Input.txt
$line = 0
$linecount = $users.Count
$percentagecomplete= 0
$filename = "Output_"+(Get-Date -Format "yyyy_MM_dd")+".csv"
foreach($userid in $users)
{
$line++
$percentagecomplete = $line / $linecount * 100
$error.Clear()
$userid = $userid.Trim()
Write-Progress -Activity "Removing Users..." -PercentComplete $percentagecomplete -Status "$line out of $linecount"
try{
Remove-ADGroupMember -Identity $grp -Members $userid -Confirm:$false
$userid | Select-Object -Property @{n="Samaccountname";e={$userid}}, @{n="Status";e={"$userid removed succesfully on $(get-date)" }} | Export-csv ./$filename -NoTypeInformation -Append
}
catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException]
{
$userid | Select-Object -Property @{n="Samaccountname";e={$userid}}, @{n="Status";e={$error.exception.message}} | Export-csv ./$filename -NoTypeInformation -Append
}
}
Get-ADGroupMember -Identity $grp | Select Name,Samaccountname | Export-Csv ./AfterRemoval_Membership_$grp.csv -NoTypeInformation -Append
No comments:
Post a Comment