How to filter out Built-In and unwanted Groups (Where-Object PS)

I’m currently writing a function to remove all non-builtin groups of an AD-User. The rest of the function works fine (for now) and I need to put in all groups I want the User to be removed from. The groups I want to remove are either Application-Securitygroups and/or Delivery-groups. Built-In groups like "Domain Users" shall be filtered out automatically.

I feel like an Idiot asking this but how can I filter out more groups like "Domain Users" and our "FIM.*" groups?

This is how I filter out our "FIM.*" groups:

Get-ADPrincipalGroupMembership -Identity $UserPrincipalname | Where-Object -Property name -NotLike "FIM.*" | select name

Thanks for looking at my question and have a nice day! 🙂

>Solution :

Where-Object accepts a scriptblock – you can use this to combine multiple comparisons into a single predicate:

... |Where-Object { $_.Name -notlike 'FIM.*' -and $_.Name -ne 'Domain Users' } |...

Leave a Reply