Public/Remove-UserGroup.ps1
|
function Remove-UserGroup { <# .SYNOPSIS Deletes a security group from the Windows Security Accounts Manager. .DESCRIPTION The Remove-UserGroup cmdlet deletes a security group from the Windows Security Accounts manager. .PARAMETER InputObject Specifies security groups from the local Security Accounts Manager. .PARAMETER Name Specifies the local groups to be deleted. .PARAMETER SID Specifies the UserGroup accounts to remove by SecurityIdentifier. .EXAMPLE Remove-UserGroup -Name "MyGroup" Removes the local group named MyGroup. #> [CmdletBinding(SupportsShouldProcess = $true)] param( [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ParameterSetName = 'InputObject')] [UserGroup[]]$InputObject, [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ParameterSetName = 'Default')] [string[]]$Name, [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ParameterSetName = 'SecurityIdentifier')] [System.Security.Principal.SecurityIdentifier[]]$SID ) process { # Process InputObject if ($null -ne $InputObject) { foreach ($group in $InputObject) { if ($null -eq $group) { continue } if ($PSCmdlet.ShouldProcess($group.ToString(), 'Remove group')) { try { [LocalAccountHelper]::RemoveUserGroup($group) } catch [System.UnauthorizedAccessException] { $ex = [AccessDeniedException]::new($group) Write-Error -Message $ex.Message -ErrorId 'AccessDenied' -Category PermissionDenied -TargetObject $group } catch { Write-Error -Message $_.Exception.Message -ErrorId 'InvalidUserGroupOperation' -Category InvalidOperation -TargetObject $group } } } } # Process Name if ($null -ne $Name) { foreach ($groupName in $Name) { if ([string]::IsNullOrWhiteSpace($groupName)) { continue } if ($PSCmdlet.ShouldProcess($groupName, 'Remove group')) { try { $group = [UserGroup]::new($groupName) [LocalAccountHelper]::RemoveUserGroup($group) } catch [System.UnauthorizedAccessException] { $ex = [AccessDeniedException]::new($groupName) Write-Error -Message $ex.Message -ErrorId 'AccessDenied' -Category PermissionDenied -TargetObject $groupName } catch { Write-Error -Message $_.Exception.Message -ErrorId 'InvalidUserGroupOperation' -Category InvalidOperation -TargetObject $groupName } } } } # Process SID if ($null -ne $SID) { foreach ($groupSid in $SID) { if ($null -eq $groupSid) { continue } if ($PSCmdlet.ShouldProcess($groupSid.Value, 'Remove group')) { try { $group = [UserGroup]::new() $group.SID = $groupSid [LocalAccountHelper]::RemoveUserGroup($group) } catch [System.UnauthorizedAccessException] { $ex = [AccessDeniedException]::new($groupSid) Write-Error -Message $ex.Message -ErrorId 'AccessDenied' -Category PermissionDenied -TargetObject $groupSid } catch { Write-Error -Message $_.Exception.Message -ErrorId 'InvalidUserGroupOperation' -Category InvalidOperation -TargetObject $groupSid } } } } } } |