0phoi5 Posted September 9, 2016 Share Posted September 9, 2016 Hi all, I have the following line of code in a PowerShell file, intended to remove a user from all Active Directory groups beginning with an @ symbol; Get-ADGroup -Filter 'name -like "@*"' | Remove-ADGroupMember -Members $UserID It actually works fine, and successfully removes them from the correct groups, however the script locks my admin account every time it's run. Weird! I suspect it's to do with it 'using up' my Kerberos authentication tokens (it uses too many, as it runs for every single AD group beginning with @), or it thinks I'm trying to do something malicious because I'm sending such a large amount of commands in a short time? Is there a way for me to amend this line of code, so that instead of running Remove-ADGroupMember for every single @ group in the Active Directory, it only runs for the groups that the user is a member of? Or any other ideas? Thank you. Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.