Remove-ADGroup

Remove an Active Directory group.

Syntax
      Remove-ADGroup [-Identity] ADGroup  {Negotiate | Basic}] [-Credential PSCredential]
         [-Partition string] [-Server string]
            [-Confirm] [-WhatIf] [CommonParameters]

Key
   -AuthType {Negotiate | Basic}
       The authentication method to use: Negotiate (or 0), Basic (or 1)
       A Secure Sockets Layer (SSL) connection is required for Basic authentication.

   -Credential PSCredential
       The user account credentials to use to perform this task.
       The default credentials are those of the currently logged on user unless the
       cmdlet is run from an Active Directory PowerShell provider drive.
       If the cmdlet is run from such a provider drive, the account associated with the drive is the default.

       Type a user name, such as "User64" or "Domain64\User64" or specify a
       PSCredential object such as one generated by Get-Credential 

       If a user name is specified, the cmdlet will prompt for a password.

   -Identity ADGroup
       An AD group object. Most often this will be a Distinguished Name (e.g. CN=demogroup,OU=demo,DC=SS64,DC=com)
       The identity may also be given as a GUID, Security Identifier or sAMAccountName.

       The cmdlet searches the default naming context or partition to find the object.
       If two or more objects are found, the cmdlet returns a non-terminating error.

       The ADGroup object may also be passed through the pipeline or set via a variable.

   -Partition string
       The distinguished name of an AD partition.
       string must be one of the naming contexts on the current directory server.
       The cmdlet searches this partition to find the object defined by the -Identity parameter.
       Examples:
         -Partition "CN=Configuration,DC=EUROPE,DC=TEST,DC=SS64,DC=COM"
         -Partition "CN=Schema,CN=Configuration,DC=EUROPE,DC=TEST,DC=SS64,DC=COM"

       In many cases, a default value will be used for -Partition if no value is specified.

   -Server string
       The AD Domain Services instance to connect to, this may be a Fully qualified domain name,
       NetBIOS name, Fully qualified directory server name (with or without port number)

   -Confirm
       Prompt for confirmation before executing the command.

   -WhatIf
       Describe what would happen if you executed the command without actually executing it.

Remove-ADGroup removes an Active Directory group object. You can use this cmdlet to remove security and distribution groups.

The -Identity parameter specifies the Active Directory group to remove. Identify a group by its distinguished name (DN), GUID, security identifier (SID), Security Accounts Manager (SAM) account name, or canonical name. You can also specify a group object variable, such as $localGroupObject.

Get-ADGroup may be used to retrieve a group object and then pass the object through the pipeline to Remove-ADGroup.
If the ADGroup is identified by its DN, the -Partition parameter will be automatically determined.

Examples

Remove a group, the cmdlet will prompt for a name:

PS C:\> remove-adgroup

Remove the group that has samAccountName 'SS64group':

PS C:\> remove-adgroup SS64group

Remove the group that has samAccountName 'SS64group', first logging and removing all the members:

PS C:\> Get-ADGroupMember "SS64Group" | select name > SS64Groupmembers.txt

PS C:\> Get-ADGroupMember "SS64Group" | ForEach-Object {Remove-ADGroupMember "SS64Group" $_ -Confirm:$false}

PS C:\> remove-adgroup "SS64group"

Get all groups whose name starts with 'SS64' and remove them:

PS C:\> get-adgroup -filter 'Name -like "SS64*"' | remove-adgroup

"There is no off position on the genius switch" ~ David Letterman

Related PowerShell Cmdlets

New-ADGroup - Create an AD group.
Get-ADGroup - Get one or more AD groups.
Set-ADGroup - Modify an AD group.
Remove-ADGroupMember - Remove one or more members from an AD group.


 
Copyright © 1999-2024 SS64.com
Some rights reserved