Strange Behavior for 'Remove User Group Membership'
hello all,
have completed first attempt @ ps script used terminated users. 1 of last tasks in script change value 'hiddenfromaddresslistsenabled' object $true. have discovered other mailboxes being marked hidden well, , random @ best. not see may have done in script produce these types of results. appreciated.
#---------------------------------------------- enter-pssession dc1adcp03 import-module activedirectory $date = get-date $domain = "domain.com" $samaccountname = get-aduser (read-host "please enter username") -properties memberof $user = $samaccountname # define functions #send email function $emailfrom = "powershell@domain.com" $emailto = "user@domain.com" $emailsubject = "groups removed $samaccountname" $smtpserver = "smtp.domain.com" function send_email { $mailmessage = new-object system.net.mail.mailmessage $mailmessage.from = ($emailfrom) $mailmessage.to.add($emailto) $mailmessage.subject = $emailsubject $mailmessage.body = $emailbody #$mailmessage.isbodyhtml = $true $smtpclient = new-object net.mail.smtpclient($smtpserver, 25) $smtpclient.send($mailmessage) } # function remove groups user account function removememberships { $usergroups = $user.memberof $usergroups | foreach-object {get-adgroup $_ | remove-adgroupmember -confirm:$false -member $samaccountname} $usergroups = $null } $user | foreach-object {removememberships $_.samaccountname} # function create random password function createpassword([int]$length) { $specialcharacters = "@#$%^&*()_!+" $lowercase = "abcdefghijklmnopqrstuvwxyz" $uppercase = "abcdefghijklmnopqrstuvwxyz" $numbers = "1234567890" $res = "" $rnd = new-object system.random { $flag = $rnd.next(4); if ($flag -eq 0) {$res += $specialcharacters[$rnd.next($specialcharacters.length)]; } elseif ($flag -eq 1) {$res += $lowercase[$rnd.next($lowercase.length)]; } elseif ($flag -eq 2) {$res += $uppercase[$rnd.next($uppercase.length)]; } else {$res += $numbers[$rnd.next($numbers.length)]; } } while (0 -lt $length--) return $res } add-adgroupmember "cn=enabled terminated employees,ou=firmusers,dc=littler,dc=com" -member $user get-aduser $samaccountname -properties description | foreach-object {set-aduser $_ -description "left firm - not delete - $($_.description)" -clear initials,sn,givenname,manager} $pwd = createpassword 7 set-adaccountpassword $user -reset -newpassword (convertto-securestring -asplaintext "$pwd" -force) exit-pssession #set location install exchange powershell snapin chdir "c:\program files\microsoft\exchange server\bin" #add exchange powershell snapin add-pssnapin microsoft.exchange.management.powershell.admin #this built in script install exchange powershell module .\exchange.ps1 #identify userprincipalname "jbravo@domain.com" , hide mailbox. $mailuser = $user.userprincipalname get-mailbox -identity $mailuser | set-mailbox -hiddenfromaddresslistsenabled $true send_email exit best regards,
brian
you passing samaccountname, when needs full user. should work:
$user | foreach-object { removemembership $_ }
grant ward, a.k.a. bigteddy
Windows Server > Windows PowerShell
Comments
Post a Comment