< Back
Remove-ADShadowGroupMember
Post
NAME Remove-ADShadowGroupMember
SYNOPSIS
Remove an existing member in an existing AD ShadowGroup
SYNTAX
Remove-ADShadowGroupMember [-GroupNameValue] <String> [-MemberNameValue] <String> [-TypeValue] <String>
[<CommonParameters>]
DESCRIPTION
Remove an existing member in an existing AD ShadowGroup.
PARAMETERS
-GroupNameValue <String>
Mandatory parameter
-GroupNameValue string
Provide Shadow Group name to be used in configuration partition of directory (cn=Shadow Principal
Configuration,cn=Services...) (object to be searched only in the current AD)
Required? true
Position? 2
Default value
Accept pipeline input? false
Accept wildcard characters? false
-MemberNameValue <String>
Mandatory parameter
-MemberNameValue string
Provide the name of user or group to be removed in the "member" attribute of the AD Shadow Group (object to be
searched only in the current AD)
Required? true
Position? 3
Default value
Accept pipeline input? false
Accept wildcard characters? false
-TypeValue <String>
Required? true
Position? 4
Default value
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
TypeName: Microsoft.ActiveDirectory.Management.ADObject
CanonicalName : admin.ad/Configuration/Services/Shadow Principal Configuration/PROD-Domain Admins
CN : PROD-Domain Admins
Created : 08/03/2017 16:00:41
createTimeStamp : 08/03/2017 16:00:41
Deleted :
Description :
DisplayName :
DistinguishedName : CN=PROD-Domain Admins,CN=Shadow Principal
Configuration,CN=Services,CN=Configuration,DC=admin,DC=ad
dSCorePropagationData : {01/01/1601 01:00:00}
instanceType : 4
isDeleted :
LastKnownParent :
member : {CN=Temp Prod Admins Shadow,OU=Admins,DC=admin,DC=ad, CN=Temp Prod
Admins,OU=Admins,DC=admin,DC=ad, CN=Prod Admins,OU=Admins,DC=admin,DC=ad}
Modified : 08/03/2017 19:12:47
modifyTimeStamp : 08/03/2017 19:12:47
msDS-ShadowPrincipalSid : S-1-1-11-1111111111-1111111111-111111111-111
Name : PROD-Domain Admins
nTSecurityDescriptor : System.DirectoryServices.ActiveDirectorySecurity
ObjectCategory : CN=ms-DS-Shadow-Principal,CN=Schema,CN=Configuration,DC=admin,DC=ad
ObjectClass : msDS-ShadowPrincipal
ObjectGUID : 37e6ba38-1787-41ef-937f-02a7c0be6fc3
ProtectedFromAccidentalDeletion : False
sDRightsEffective : 11
uSNChanged : 16646
uSNCreated : 16442
whenChanged : 08/03/2017 19:12:47
whenCreated : 08/03/2017 16:00:41
-------------------------- EXAMPLE 1 --------------------------
C:\\PS>Remove-ADShadowGroupMember -GroupNameValue "Shadow-Domain Admins" -MemberNameValue "Domain Admins"
-MemberNameValue group
-------------------------- EXAMPLE 2 --------------------------
C:\\PS>Remove-ADShadowGroupMember -GroupNameValue "Shadow-Domain Admins" -MemberNameValue "Super-Admin"
-MemberNameValue user
RELATED LINKS
SYNOPSIS
Remove an existing member in an existing AD ShadowGroup
SYNTAX
Remove-ADShadowGroupMember [-GroupNameValue] <String> [-MemberNameValue] <String> [-TypeValue] <String>
[<CommonParameters>]
DESCRIPTION
Remove an existing member in an existing AD ShadowGroup.
PARAMETERS
-GroupNameValue <String>
Mandatory parameter
-GroupNameValue string
Provide Shadow Group name to be used in configuration partition of directory (cn=Shadow Principal
Configuration,cn=Services...) (object to be searched only in the current AD)
Required? true
Position? 2
Default value
Accept pipeline input? false
Accept wildcard characters? false
-MemberNameValue <String>
Mandatory parameter
-MemberNameValue string
Provide the name of user or group to be removed in the "member" attribute of the AD Shadow Group (object to be
searched only in the current AD)
Required? true
Position? 3
Default value
Accept pipeline input? false
Accept wildcard characters? false
-TypeValue <String>
Required? true
Position? 4
Default value
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
TypeName: Microsoft.ActiveDirectory.Management.ADObject
CanonicalName : admin.ad/Configuration/Services/Shadow Principal Configuration/PROD-Domain Admins
CN : PROD-Domain Admins
Created : 08/03/2017 16:00:41
createTimeStamp : 08/03/2017 16:00:41
Deleted :
Description :
DisplayName :
DistinguishedName : CN=PROD-Domain Admins,CN=Shadow Principal
Configuration,CN=Services,CN=Configuration,DC=admin,DC=ad
dSCorePropagationData : {01/01/1601 01:00:00}
instanceType : 4
isDeleted :
LastKnownParent :
member : {CN=Temp Prod Admins Shadow,OU=Admins,DC=admin,DC=ad, CN=Temp Prod
Admins,OU=Admins,DC=admin,DC=ad, CN=Prod Admins,OU=Admins,DC=admin,DC=ad}
Modified : 08/03/2017 19:12:47
modifyTimeStamp : 08/03/2017 19:12:47
msDS-ShadowPrincipalSid : S-1-1-11-1111111111-1111111111-111111111-111
Name : PROD-Domain Admins
nTSecurityDescriptor : System.DirectoryServices.ActiveDirectorySecurity
ObjectCategory : CN=ms-DS-Shadow-Principal,CN=Schema,CN=Configuration,DC=admin,DC=ad
ObjectClass : msDS-ShadowPrincipal
ObjectGUID : 37e6ba38-1787-41ef-937f-02a7c0be6fc3
ProtectedFromAccidentalDeletion : False
sDRightsEffective : 11
uSNChanged : 16646
uSNCreated : 16442
whenChanged : 08/03/2017 19:12:47
whenCreated : 08/03/2017 16:00:41
-------------------------- EXAMPLE 1 --------------------------
C:\\PS>Remove-ADShadowGroupMember -GroupNameValue "Shadow-Domain Admins" -MemberNameValue "Domain Admins"
-MemberNameValue group
-------------------------- EXAMPLE 2 --------------------------
C:\\PS>Remove-ADShadowGroupMember -GroupNameValue "Shadow-Domain Admins" -MemberNameValue "Super-Admin"
-MemberNameValue user
RELATED LINKS