Public/Remove-User.ps1
|
function Remove-User { <# .SYNOPSIS Deletes a user account from the Windows Security Accounts Manager. .DESCRIPTION The Remove-User cmdlet deletes a user account from the Windows Security Accounts Manager. .PARAMETER InputObject Specifies the local user accounts to remove. .PARAMETER Name Specifies the user accounts to be deleted. .PARAMETER SID Specifies the local user accounts to remove by SecurityIdentifier. .EXAMPLE Remove-User -Name "John" Removes the local user named John. #> [CmdletBinding(SupportsShouldProcess = $true)] param( [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ParameterSetName = 'InputObject')] [LocalUser[]]$InputObject, [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ParameterSetName = 'Default')] [string[]]$Name, [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ParameterSetName = 'SecurityIdentifier')] [System.Security.Principal.SecurityIdentifier[]]$SID ) process { # Process InputObject if ($null -ne $InputObject) { foreach ($user in $InputObject) { if ($null -eq $user) { continue } if ($PSCmdlet.ShouldProcess($user.ToString(), 'Remove user account')) { try { [LocalAccountHelper]::RemoveLocalUser($user) } catch [System.UnauthorizedAccessException] { $ex = [AccessDeniedException]::new($user) Write-Error -Message $ex.Message -ErrorId 'AccessDenied' -Category PermissionDenied -TargetObject $user } catch { Write-Error -Message $_.Exception.Message -ErrorId 'InvalidLocalUserOperation' -Category InvalidOperation -TargetObject $user } } } } # Process Name if ($null -ne $Name) { foreach ($userName in $Name) { if ([string]::IsNullOrWhiteSpace($userName)) { continue } if ($PSCmdlet.ShouldProcess($userName, 'Remove user account')) { try { $user = [LocalUser]::new($userName) [LocalAccountHelper]::RemoveLocalUser($user) } catch [System.UnauthorizedAccessException] { $ex = [AccessDeniedException]::new($userName) Write-Error -Message $ex.Message -ErrorId 'AccessDenied' -Category PermissionDenied -TargetObject $userName } catch { Write-Error -Message $_.Exception.Message -ErrorId 'InvalidLocalUserOperation' -Category InvalidOperation -TargetObject $userName } } } } # Process SID if ($null -ne $SID) { foreach ($userSid in $SID) { if ($null -eq $userSid) { continue } if ($PSCmdlet.ShouldProcess($userSid.Value, 'Remove user account')) { try { $user = [LocalUser]::new() $user.SID = $userSid [LocalAccountHelper]::RemoveLocalUser($user) } catch [System.UnauthorizedAccessException] { $ex = [AccessDeniedException]::new($userSid) Write-Error -Message $ex.Message -ErrorId 'AccessDenied' -Category PermissionDenied -TargetObject $userSid } catch { Write-Error -Message $_.Exception.Message -ErrorId 'InvalidLocalUserOperation' -Category InvalidOperation -TargetObject $userSid } } } } } } |