As part of reconciliation activities, a system administrator may need to remove members from security groups or users who have left the organization or moved to a different department and no longer require access to a particular network resource/shared drive. These changes generally involve removing user accounts from a given security group.
The Active Directory PowerShell module provides a cmdlet called Remove-ADGroupMember
. Similar to the Get-ADGroupMember
cmdlet, the Remove-ADGroupMember
cmdlet also has two mandatory parameters: Identity
and Members
. The Identity
parameter takes the name of the group from which you want to remove the members and the Members
parameter takes the list of users, computers, or group accounts that you want to remove.
The following sample command is used to remove a user account from a security group:
Remove-ADGroupMember -Identity TestGroup -Members LabUser1
As you can see in the following screenshot, the Remove-ADGroupMember...