I’m currently writing a function to remove all non-builtin groups of an AD-User. The rest of the function works fine (for now) and I need to put in all groups I want the User to be removed from. The groups I want to remove are either Application-Securitygroups and/or Delivery-groups. Built-In groups like "Domain Users" shall be filtered out automatically.
I feel like an Idiot asking this but how can I filter out more groups like "Domain Users" and our "FIM.*" groups?
This is how I filter out our "FIM.*" groups:
Get-ADPrincipalGroupMembership -Identity $UserPrincipalname | Where-Object -Property name -NotLike "FIM.*" | select name
Thanks for looking at my question and have a nice day! 🙂
>Solution :
Where-Object accepts a scriptblock – you can use this to combine multiple comparisons into a single predicate:
... |Where-Object { $_.Name -notlike 'FIM.*' -and $_.Name -ne 'Domain Users' } |...