Remove user with specific username from the unmanaged accounts list

December 05, 2022

The script removes the user with the specified User Principal Name from the unmanaged accounts list. The script must be executed in a custom command. The User Principal Name of the account to remove from the list must be specified in a text parameter of the command.

In the script, the $parameterName variable specifies the name of the custom command parameter used to enter the User Principal Name of the user to remove from the unmanaged list. The parameter name must be specified with the param- prefix.

PowerShell
$parameterName = "param-userToRemove" # TODO: modify me

# Bind to the 'Configuration Set Settings' container
$configurationSetSettingsPath = $Context.GetWellKnownContainerPath("ConfigurationSetSettings")
$admConfigurationSetSettings = $Context.BindToObject($configurationSetSettingsPath)
     
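# Get all unmanaged accounts
$currentUnmanagedAccounts = $admConfigurationSetSettings.GetUnmanagedAccounts(@("userPrincipalName"))
$allUnmanagedSids = New-Object "System.Collections.Generic.HashSet[String]"
$updateUnmanagedList = $False # Set to $True once the specified user is found in the list

# User Principal Name entered in the custom command parameter
$managedAccountUsername = $Context.GetParameterValue($parameterName)
foreach ($userInfo in $currentUnmanagedAccounts)
{
    # Entries without a search result are skipped (and not written back)
    $searchResult = $userInfo.Value
    if ($NULL -eq $searchResult)
    {
        continue
    }

    # Skip the account to remove; -eq compares strings case-insensitively
    $username = $searchResult.Properties["userPrincipalName"].Value
    if ($username -eq $managedAccountUsername)
    {
        $updateUnmanagedList = $True
        continue
    }

    # Keep every other account in the unmanaged list
    [void]$allUnmanagedSids.Add($userInfo.Key)
}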

# Update unmanaged accounts
if ($updateUnmanagedList)
{
    $admConfigurationSetSettings.SetUnmanagedAccounts(@($allUnmanagedSids))
    $Context.LogMessage("User with identity $managedAccountUsername was removed from the unmanaged list.", "Information")
}
else
{
    $Context.LogMessage("User with identity $managedAccountUsername was not found in the unmanaged list.", "Warning")
}