Uninstall an Active Directory service account from a computer.

      Uninstall-ADServiceAccount [-Identity] ADServiceAccount
         [-AuthType {Negotiate | Basic}]
            [-Confirm] [-WhatIf] [CommonParameters]

   -AuthType {Negotiate | Basic}
       The authentication method to use: Negotiate (or 0), Basic (or 1)
       A Secure Sockets Layer (SSL) connection is required for Basic authentication.

   -Identity ADServiceAccount
       An AD service account object, specified with one of the following values.
       (The identifier in parentheses is the LDAP provider name for the attribute.)

          Distinguished Name 
            Example: CN=WebAccount,CN=ManagedServiceAccounts, DC=corp,DC=SS64,DC=com 
          GUID (objectGUID) 
            Example: 599c3d2e-f72d-4d20-8a88-030d99495f20
          Security Identifier (objectSid) 
            Example: S-1-5-21-3165297888-301567370-576410423-1103
          Security Accounts Manager (SAM) Account Name (sAMAccountName)
            Example: WebAccount$

       The cmdlet searches the default naming context or partition to find the object.
       If two or more objects are found, the cmdlet returns a non-terminating error.

       This parameter can also get this object through the pipeline or you can set this
       parameter to an object instance.

       This example shows how to set the parameter to a distinguished name.
          -Identity  "CN=WebAccount,CN=ManagedServiceAccounts,DC=corp,DC=SS64,DC=com"

       This example shows how to set this parameter to a group object instance named "accountInstance".
          -Identity $accountInstance

       Prompt for confirmation before executing the command.

       Describe what would happen if you executed the command, without actually executing the command.

Uninstall-ADServiceAccount removes an AD service account on the computer on which the cmdlet is run. The specified service account must be installed on the computer.

The -Identity parameter specifies the Active Directory service account to uninstall. Identify a service account by its distinguished name Members (DN), GUID, security identifier (SID) or Security Accounts Manager (SAM) account name. You can also set the parameter to a service account object variable, or pass a service account object through the pipeline. For example, from Get-ADServiceAccount.


Uninstall the Service Account with the name 'svc64' from the local computer:

PS C:\> Uninstall-ADServiceAccount -Identity 'svc64'

Get a Service Account named 'svc64' from the default directory and uninstall it from the local machine.:

PS C:\> $acct = Get-ADServiceAccount -Filter { Name -eq 'svc64'}
PS C:\> Uninstall-ADServiceAccount $acct
PS C:\> Remove-ADServiceAccount $acct

“If you want to know the end, look at the beginning” ~ African Proverb

Related PowerShell Cmdlets

New-adServiceAccount - Create a new AD service account.
Install-adServiceAccount - Install an AD service account on a computer.
Remove-adServiceAccount - Remove an AD service account.
docs.microsoft.com - Configure Standalone and Group Managed Service Accounts.

Copyright © 1999-2023 SS64.com
Some rights reserved