WEBVTT

00:00.450 --> 00:04.070
List members of a security group in Active Directory.

00:04.200 --> 00:13.730
So far they've done the addition of Active Directory objects such as users computer send groups to security

00:13.740 --> 00:14.350
groups.

00:14.370 --> 00:22.200
But if you want to check out if you want to lose all the users home we've actually added to this group

00:22.410 --> 00:26.990
how do they find all the current members of a given security group.

00:27.000 --> 00:31.650
Of course we have a command lead for it and it's called God.

00:31.650 --> 00:35.610
Does a group member as the name indicates it.

00:35.670 --> 00:38.620
Where is the members of a given group.

00:38.640 --> 00:45.960
For example let's say the membership of one of the groups that we used to in previous lesson by using

00:45.960 --> 00:47.360
the following command.

00:47.520 --> 00:56.010
Get this the group member identity per in group 1 and we apply it to measure object come and glad to

00:56.010 --> 00:59.010
see how many members we gotten.

00:59.010 --> 01:04.260
This group could also use GET THE GROUP command letters identity.

01:04.380 --> 01:08.300
Name the group we want to get members of.

01:08.310 --> 01:14.090
In my case it's parent group won and pyper to select my name property.

01:14.160 --> 01:22.470
So we'll be selecting all the objects of this group sorting them by name selecting them by name some

01:22.470 --> 01:26.030
more Virts about my robe should come and go out.

01:26.070 --> 01:32.910
It shows how many objects are returned from the get a degree mamber come and let rank wear it for the

01:32.910 --> 01:34.520
members of Paran group.

01:34.520 --> 01:39.180
One you could to use a list come and lead for an object.

01:39.180 --> 01:46.770
Remember that this is the same group where we added several child groups in the previous lesson while

01:46.770 --> 01:51.000
demonstrating the nested group addition operation.

01:51.000 --> 01:56.150
The second command shows the actual members for ease of understanding.

01:56.170 --> 02:02.350
I just select the name property from the output using the select parameter.

02:02.490 --> 02:09.600
As mentioned before groups can have users computers and other groups as members but how do they know

02:09.600 --> 02:12.030
the object type of each member.

02:12.030 --> 02:20.370
This can be achieved by reading the object class property of the returned object from the get Ada group

02:20.370 --> 02:21.810
member command led.

02:21.960 --> 02:30.120
So let's run the following command get the group identity test group and pipe it to select by name and

02:30.210 --> 02:33.380
Object class as you can see the test.

02:33.600 --> 02:41.550
As you can see in the following group which is named test group they've got lots of members groups and

02:41.850 --> 02:44.320
computers and users.

02:44.460 --> 02:52.290
Since we've use the recursive switch while querent it checks for group objects and membership querist

02:52.570 --> 03:00.930
members and displays the results even if the nested group has other groups in its membership the members

03:00.930 --> 03:07.620
of that group will also be displayed when group membership is querido recursively group membership of

03:07.620 --> 03:13.670
a security group can be easily exported to see us Fiora Excel file.

03:13.730 --> 03:17.650
You then the expert does this become an LED and power cell.

03:17.670 --> 03:26.400
All we need to do is just pass the output of the group member to this command led as shown in the following

03:26.400 --> 03:36.270
example and get a team member group member with identity parameter and we get in the members of test

03:36.270 --> 03:44.920
group then we Pypard to select and select by name distinguished name or object class.

03:45.030 --> 03:53.790
And after that we pipe it to export DSS command left which will save the file in the following location.

03:53.790 --> 04:02.940
In my case it's on drive C bills folder and group membership don't see it as the file and this code

04:03.240 --> 04:12.810
example name distinguish name and the object class of tells group members are exported to see the file

04:13.080 --> 04:20.490
and after export the content of this file look like the example I'll show you.

04:20.610 --> 04:27.090
So let me open this file from SEE Pierre's folder and here it is.

04:27.090 --> 04:34.070
Now let's talk about removing member of strawman active directory group as part of daily activities

04:34.080 --> 04:42.450
a system administrator may need to remove members from security groups or users who have left the organisation

04:42.450 --> 04:50.340
or moved to a different department and no longer require access to a particular network resource or

04:50.340 --> 04:51.630
share drive.

04:51.630 --> 04:59.190
This changes and generally involve removing the user accounts from a given security group we've got.

04:59.270 --> 05:07.380
Come on that £480 that is called removed as a group member similar to a get a group member come and

05:07.380 --> 05:10.710
let the remove group member come and.

05:10.890 --> 05:19.740
Also has two mandatory perimeters identity and members their identity parameter takes the name of the

05:19.740 --> 05:28.200
group from which you want to remove the members and the members parameter takes a list of users computers

05:28.500 --> 05:34.870
or group accounts that you want to remove the fullerenes sample command is used to remove for use or

05:34.870 --> 05:37.130
recalling from a security group.

05:37.260 --> 05:45.100
So let's remove Lepp use or want from test group for this we should run the following commands removed

05:45.150 --> 05:54.530
as a group member identity test group members Lepp use or one as you can see in the Folarin output.

05:54.720 --> 05:59.490
Remove the group member command left Brawn's for confirmation.

05:59.490 --> 06:02.970
While removing an object from membership.

06:02.970 --> 06:11.020
This is just a safety measure to make the system administrator verify his actions and proceed with it.

06:11.160 --> 06:18.090
If you are sure that the action you are performing or you don't want to resolve this information prompt

06:18.440 --> 06:26.780
just possibly there dolar character falls to conform parameter as shown in the following command.

06:26.940 --> 06:31.900
So let's roll the fall and come out now with the Confirm parameter.

06:31.920 --> 06:36.770
Remove a group member identity test group members left you there.

06:36.780 --> 06:39.850
One can for false mode.

06:39.870 --> 06:48.270
It shouldn't conform you asking for confirmation to remove or not the user and this one performed for

06:48.360 --> 06:52.620
Anik information and just proceed with the operation.

06:52.620 --> 06:59.910
So in this example you remove to user object from the security group to remove a computer account from

06:59.910 --> 07:01.220
the security group.

07:01.290 --> 07:08.750
You can follow a similar approach and parse the name of the computer account to members parameter.

07:08.760 --> 07:16.600
You should remember to solve fix the computer name with a dollar sign a dollar character just as we

07:16.590 --> 07:18.030
did for the cat.

07:18.150 --> 07:20.710
There's a group member command lead.

07:20.820 --> 07:23.780
Otherwise your removal will fail.

07:23.850 --> 07:32.070
So the following commands remove the computer comp one or some other computer or lappers or with to

07:32.370 --> 07:33.820
whatever name you need.

07:33.900 --> 07:36.750
Computer records from the security group.

07:36.900 --> 07:38.510
Let's review this command.

07:38.580 --> 07:49.530
We removed the group member identity test group members comp comp warno Lepus or read to 3 and confirm

07:49.530 --> 07:55.920
parameter which ensures that they won't be asked for confirmation of removal.

07:55.920 --> 08:03.140
So removing a single user computer account from a security group is easy but how do they perform this

08:03.140 --> 08:04.800
operation and balk.

08:04.800 --> 08:13.080
Let's take a small example where you have a list of user or computer names in the CSFB file along with

08:13.080 --> 08:16.620
the group names from which they should be removed.

08:16.800 --> 08:25.650
Now our task is to read the details from this file and remove the members accordingly as soon as sample

08:25.890 --> 08:31.140
since the file looks like the Folarin file which I've got here.

08:31.260 --> 08:32.430
Let me open it.

08:32.580 --> 08:35.070
It's called group removals.

08:35.070 --> 08:36.380
Doc says V.

08:36.480 --> 08:44.130
So it's got object name which is the name of the user or computer or group that you want to remove the

08:44.220 --> 08:52.410
object type represents what type of object you want to remove and that sort column holds the group name

08:52.620 --> 08:55.100
from which you want to remove the object.

08:55.260 --> 09:01.020
And we've got Lekota example to remove all these objects.

09:01.020 --> 09:02.610
First real import.

09:02.610 --> 09:08.840
This is the file as we have done before with the import dust dirt dirt.

09:08.850 --> 09:14.000
Sorry Desch says We come and left and will be important.

09:14.100 --> 09:15.790
The file from C..

09:15.860 --> 09:20.130
P.S. folder and the file name is group removals.

09:20.280 --> 09:27.370
Says the line will loop through each entry into a file reserved for each command.

09:27.390 --> 09:32.630
So for each entry will be read in group name and if.

09:32.630 --> 09:39.760
If the object is a computer they have to add this dollar character to its name.

09:39.900 --> 09:49.950
So you could save this code to one file Reznick to the file with the extension be a swan and run it

09:49.950 --> 09:51.330
from a shell.

09:51.450 --> 09:59.310
You could Ramattan power shellscript an environment by selecting the whole code and Bresson run bottom

10:00.200 --> 10:06.920
it's about delit in a security group when a group is no longer required it needs to be removed or deleted

10:06.920 --> 10:13.740
from active directory in order to keep the database clean and up to date before performing the delete

10:13.760 --> 10:14.450
operation.

10:14.450 --> 10:17.540
Make sure that it has no members inside.

10:17.600 --> 10:24.220
If there are members in this group then the user will face problems once the group is deleted.

10:24.230 --> 10:32.610
It is difficult to reverse the change unless you have efficient restoration mechanisms in your environment.

10:32.720 --> 10:37.850
Also performance such a restore operations is not straightforward.

10:37.850 --> 10:41.690
It can be done only by people who understand it.

10:41.750 --> 10:47.880
So it is important to ensure that there are no members in the group before dilution.

10:47.970 --> 10:52.750
A security group in active directory can be diluted to use the removed.

10:52.890 --> 10:57.970
A group come and land similar to remove and group membership deleted.

10:58.000 --> 11:05.570
The group also prompts for confirmation and it can be also suppressed by using the same logic that we

11:05.570 --> 11:10.060
applied while Doolittle was removed as a group member.

11:10.110 --> 11:11.120
Come on lad.

11:11.150 --> 11:13.280
So let's run the following command.

11:13.340 --> 11:20.590
Remove the group identity test group WAHM and confirm parameter false.

11:20.660 --> 11:25.130
Groups that need to be deleted can be searched you get.

11:25.160 --> 11:33.710
There's a group command led and the output can be passed to the remove group command left for deletion

11:34.010 --> 11:36.130
as shown in this example.

11:36.170 --> 11:39.820
So they are Gatun group first and then read the letter.

11:39.950 --> 11:41.950
So let's run the following command.

11:41.960 --> 11:50.480
Get a group filter name like test group so we are looking for the names which contain tells group that

11:50.780 --> 11:58.850
all the groups which contain test groups in it and pass it to the pipe after which we are on to the

11:58.850 --> 12:03.760
next command which is removed as a group without confirmation.

12:03.890 --> 12:05.240
So as you can guess.

12:05.240 --> 12:09.050
Get a the group can return a few groups.

12:09.170 --> 12:18.830
When we search for groups Drian with a foreign name test group and all of those groups are passed to

12:18.830 --> 12:25.730
remove groups wire up a pipeline and visit for more options set to false.

12:25.730 --> 12:31.640
This will delete all the security groups that have names start with death group.