This is another requirement that needed to be completed, which I thought would be a good idea to share so hopefully it helps with the people.
The requirement here was for management of a local group on the server, in this particular example, this particular local group was a reference group that should not have people added to it, the reference group was required by the application, but access should not be granted by that group.
Obviously, the choice of weapon here is Powershell, and it’s quite a simple operation, so let’s get into it.
# Removes all users from a local group in Windows PowerShell.
$group_name = "bear_sniffing"
$users = Get-LocalGroupMember $group_name
ForEach ($user in $users) {
Remove-LocalGroupMember -Group $group_name -Member $user
}
This is where it started, but then I was thinking, if you have multiple servers to accomplish this on you really don’t want to be be running that command on servers locally, that is using for too much of that administer of effort….
Therefore this fits the bill nicely, it could be run on multiple servers, and it only requires a single script….
$servers=@("server1", "server2", "server3")
ForEach ($server in $servers) {
Invoke-Command -ComputerName $server -scriptblock{
$group_name = "bear_sniffing"
$users = Get-LocalGroupMember $group_name
ForEach ($user in $users) {
Remove-LocalGroupMember -Group $group_name -Member $user
}
}
}
Magical.