Remove an AD fine-grained password policy.

      Remove-ADFineGrainedPasswordPolicy [-Identity] ADFineGrainedPasswordPolicy
         [-AuthType {Negotiate | Basic}] [-Credential PSCredential]
            [-Server string] [-Confirm] [-WhatIf] [CommonParameters]

   -AuthType {Negotiate | Basic}
       The authentication method to use: Negotiate (or 0), Basic (or 1)
       A Secure Sockets Layer (SSL) connection is required for Basic authentication.

   -Credential PSCredential
       A user account that has permission to perform this action.
       The default is the current user unless the cmdlet is run from an AD PowerShell provider drive
       in which case the account associated with the drive is the default.

       "User64" or "Domain01\User64" or a PSCredential object.

   -Identity ADFineGrainedPasswordPolicy
       Specify an AD fine-grained password policy object by providing one of the following values.
       (The identifier in parentheses is the LDAP provider name for the attribute.)

          Distinguished Name 
            Example: CN=Strict Password Policy,CN=Password Settings Container,CN=System,DC=SS64,DC=com 
          GUID (objectGUID) 
            Example: 599c4d2e-f72d-4d20-8a78-030d69495f20
          Security Identifier (objectSid) 
            Example: S-1-5-21-5165297888-301467370-576410423-1803
          Security Accounts Manager (SAM) Account Name (sAMAccountName)
            Example: PasswordPolicyLevel1

       The cmdlet searches the default naming context or partition to find the object.
       If two or more objects are found, the cmdlet returns a non-terminating error.

       This parameter can also get this object through the pipeline or you can set this
       parameter to an object instance.

   -Server string
       The AD Domain Services instance to connect to, this may be a Fully qualified domain name,
       NetBIOS name, Fully qualified directory server name (with or without port number) or AD Snapshot instance.

       Examples:  demo

       Prompt for confirmation before executing the command.

       Describe what would happen if you executed the command, without actually executing the command.

Remove-ADFineGrainedPasswordPolicy removes an AD fine grained password policy.

The -Identity parameter specifies the AD fine grained password policy to remove. Identify a fine grained password policy by its distinguished name, or GUID. You can also set the -Identity parameter to a fine grained password object variable, or pass an object through the PowerShell pipeline.


Remove the Fine Grained Password Policy object named 'MyPolicy':

PS C:\> Remove-ADFineGrainedPasswordPolicy MyPolicy

Remove the Fine Grained Password Policy object with DistinguishedName 'CN=MyPolicy,CN=Password Settings Container,CN=System,DC=SS64,DC=com:

PS C:\> Remove-ADFineGrainedPasswordPolicy -Identity 'CN=MyPolicy,CN=Password Settings Container,CN=System,DC=SS64,DC=com'

Remove all File Grained Password Policy objects that contain user in their names.

PS C:\> Get-ADFineGrainedPasswordPolicy -Filter {Name -like "*user*"} | Remove-ADFineGrainedPasswordPolicy

“One of the most wonderful things in nature is a glance of the eye; it transcends speech; it is the bodily symbol of identity” ~ Ralph Waldo Emerson

Related PowerShell Cmdlets

Set-adFineGrainedPasswordPolicy - Modify an AD fine-grained password policy.
Get-adFineGrainedPasswordPolicy - Get one or more AD fine-grained password policies.

Copyright © 1999-2023
Some rights reserved