0

I have written a script to remove users from outdated security groups. It is a Primary School so I want to write something that updates their year level security group each year at the start of the year. For instance a Year 1 moving into Year 2 needs to have Year 1 group removed and be added to Year 2 group.

I have written a function that clears group membership, but it doesn't seem to be validating the if statement to true, even though the write-host above it confirms that one of the properties returned is "Year 1"

I've been sort of bashing my head for a while now.. Hopefully just some noob thing..

# This function checks to see if user is already in a "year X" security group and removes them
Function Clear_GroupMemberships($DeeN) {
    Get-ADPrincipalGroupMembership $DeeN | ForEach-Object {
        Write-Host $_.name ## This prints two groups - Domain Users and Year 1
                           ## Its the Year X group I am trying to filter for
        if($_.name -Contains "Year "){
            Remove-ADGroupMember -Identity $_.name -Members $DeeN

            Write-Host "[INFO]`t Removed $($sam) from security group : $($_.name)"
            "[INFO]`t  Removed $($sam) from security group : $($_.name)" | Out-File $log -append
        }
    }
}
Matt Macdonald
  • 1
  • It's a very common misunderstanding when learning PowerShell; the linked question answers go over it in detail and explain the various alternatives. – briantist Feb 20 '18 at 06:25
  • Thanks for that. Google didnt return anything, should have used the local search function – Matt Macdonald Feb 20 '18 at 07:55
  • To be honest, the local search kind of sucks. I used google to find the duplicate (I think I searched for `stackoverflow powershell contains`). – briantist Feb 20 '18 at 22:13

0 Answers0