

Remove user with specific sAMAccountName from the unmanaged accounts list

July 22, 2021

The script removes the user with the specified sAMAccountName from the unmanaged accounts list. The script must be executed in a custom command. The sAMAccountName of the account to remove from the list must be specified in a text parameter of the command.

In the script, the $parameterName variable specifies the name of the custom command parameter used to enter the sAMAccountName of the user to remove from the unmanaged list. The parameter name must be specified with the param- prefix.

PowerShell
$parameterName = "param-userToRemove" # TODO: modify me

# Bind to the 'Configuration Set Settings' container
$configurationSetSettingsPath = $Context.GetWellKnownContainerPath("ConfigurationSetSettings")
$admConfigurationSetSettings = $Context.BindToObject($configurationSetSettingsPath)
     
# Get all unmanaged accounts
$currentUnmanagedAccounts = $admConfigurationSetSettings.GetUnmanagedAccounts(@("sAMAccountName"))
$allUnmanagedSids = New-Object "System.Collections.Generic.HashSet[String]"

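$managedAccountUsername = $Context.GetParameterValue($parameterName)
$updateUnmanagedList = $False # Becomes $True when the specified account is found in the list
foreach ($userInfo in $currentUnmanagedAccounts)
{
    # Entries without a search result are skipped and are not written back to the list
    $searchResult = $userInfo.Value
    if ($NULL -eq $searchResult)
    {
        continue
    }
    
    # Skip the account to remove; -eq compares strings case-insensitively
    $username = $searchResult.Properties["sAMAccountName"].Value
    if ($username -eq $managedAccountUsername)
    {
        $updateUnmanagedList = $True
        continue
    }
    
    # Keep the SID of every other account (Add returns a Boolean, discard it)
    [void]$allUnmanagedSids.Add($userInfo.Key)
}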

# Update unmanaged accounts
if ($updateUnmanagedList)
{
    $admConfigurationSetSettings.SetUnmanagedAccounts(@($allUnmanagedSids))
    $Context.LogMessage("User with identity $managedAccountUsername was removed from the unmanaged list.", "Information")
}
else
{
    $Context.LogMessage("User with identity $managedAccountUsername was not found in the unmanaged list.", "Warning")
}
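
The script above rewrites the whole unmanaged list and leaves out every entry whose search result is null. The following added example (not part of the original script or of the product's own code) isolates that filtering step in a standalone function that keeps and reports unresolved entries instead. The function name `Get-UpdatedUnmanagedSids`, the SID-to-name dictionary input and the sample SIDs are assumptions made for illustration.

```powershell
# Added example (not from the original page). Function name and sample data are hypothetical.
# $Accounts maps SID -> sAMAccountName; $null means the SID could not be resolved.
function Get-UpdatedUnmanagedSids
{
    param(
        [Parameter(Mandatory)] [System.Collections.IDictionary]$Accounts,
        [Parameter(Mandatory)] [AllowEmptyString()] [string]$UserToRemove
    )

    $name = $UserToRemove.Trim()
    if ($name.Length -eq 0) { throw "The sAMAccountName to remove is empty." }

    $keep = New-Object "System.Collections.Generic.List[String]"
    $removed = New-Object "System.Collections.Generic.List[String]"
    $unresolved = New-Object "System.Collections.Generic.List[String]"
    foreach ($sid in $Accounts.Keys)
    {
        $accountName = $Accounts[$sid]
        if ($null -eq $accountName)
        {
            # Unresolved entry: keep it and report it instead of dropping it silently
            $unresolved.Add($sid)
            $keep.Add($sid)
        }
        elseif ($accountName -eq $name)
        {
            $removed.Add($sid) # -eq on strings is case-insensitive
        }
        else
        {
            $keep.Add($sid)
        }
    }

    [pscustomobject]@{
        Keep = $keep.ToArray(); Removed = $removed.ToArray(); Unresolved = $unresolved.ToArray()
    }
}

# Constructed sample: made-up SIDs, one of which has no resolvable account
$sample = [ordered]@{
    "S-1-5-21-1111111111-2222222222-3333333333-1104" = "jsmith"
    "S-1-5-21-1111111111-2222222222-3333333333-1105" = "svc-backup"
    "S-1-5-21-1111111111-2222222222-3333333333-1106" = $null
}
$result = Get-UpdatedUnmanagedSids -Accounts $sample -UserToRemove "JSmith"
"Removed:    $($result.Removed -join ', ')"
"Kept:       $($result.Keep -join ', ')"
"Unresolved: $($result.Unresolved -join ', ')"
```

Inside the custom command, the dictionary would be filled from `$userInfo.Key` and `$searchResult.Properties["sAMAccountName"].Value`, and `Keep` passed to `SetUnmanagedAccounts` only when `Removed` is not empty.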
