Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.


Script removes user from groups intermittently

Script removes user from groups intermittently

I have a script that was written by a contractor some time ago. It is designed to disable a user and does multiple things. It does the following:
* Disables the AD account
* Moves the AD account to another OU
* Updates the AD description field with the date it was disabled
* Hides the mailbox from the GAL in Exchange 2010
* Moves the home folder to another location
* Moves another user folder to another location
* Removes the user from all groups it is a member of

All works perfectly except for the last thing. This works intermittently. It will sometimes remove them from all groups but sometimes only from some groups. I have altered the script to only perform the action of removing the user from groups. I created a test user and added it to 1/2/5/10/30 groups and it works perfectly on every attempt.

This function gets the details of the user:

CODE --> PowerShell

# ---------------------------------- #
# Function return the DN of the user #
# ---------------------------------- #

function get-dn ($SAMName)    {
    $root = [ADSI]''
     $searcher = new-object System.DirectoryServices.DirectorySearcher($root)
    $searcher.filter = "(&(objectClass=user)(sAMAccountName= $SAMName))"
    $user = $searcher.findall()

    if ($user.count -gt 1)      {     
            $count = 0
                foreach($i in $user)            { 
            write-host $count ": " $i.path 
                    $count = $count + 1

            $selection = Read-Host "Please select item: "
        return $user[$selection].path

          }      else      { 
          return $user[0].path

This part of the code removes the use from groups:

CODE --> PowerShell

Write-Host "-- Remove user from all groups..." -foregroundcolor White -backgroundcolor DarkYellow
echo ""

dsquery group -limit 2000 | dsmod group -c -q -rmmbr $path.Substring(7) 2>$NULL

Write-Host "   User has been removed from all groups" -foregroundcolor White -backgroundcolor DarkGreen
echo "" 

Any ideas why this works intermittently??

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!


Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close