Functions/Remove-sthAdminSDHolderUserAccountProtection.ps1
# .externalhelp ..\sthAdminSDHolder.psm1-help.xml function Remove-sthAdminSDHolderUserAccountProtection { [CmdletBinding(DefaultParameterSetName='default')] Param( [Parameter(ParameterSetName='SamAccountName')] [string]$SamAccountName, [Parameter(ParameterSetName='UserPrincipalName')] [string]$UserPrincipalName, [switch]$Remove, [switch]$YesRemove ) switch ($PSCmdlet.ParameterSetName) { 'SamAccountName' { $Parameters = @{SamAccountName = $SamAccountName} } 'UserPrincipalName' { $Parameters = @{UserPrincipalName = $UserPrincipalName} } 'default' { return "`nSpecify -SamAccountName or -UserPrincipalName parameters.`n" } } if ($AdminSDHolderProtectedAccount = $(Get-sthAdminSDHolderProtectedUserAccount @Parameters)) { if ($AdminSDHolderProtectedAccount.AdminSDHolderGroups) { Write-Output -InputObject "`nAccount is a member of AdminSDHolder protected groups." $AdminSDHolderProtectedAccount Write-Output -InputObject "`nNo changes were made." } else { if ($Remove -and $YesRemove) { if ($AdminSDHolderProtectedAccount.AdminCountAttribute -and -not $AdminSDHolderProtectedAccount.InheritanceEnabled) { Write-Output -InputObject "`nRemoving adminCount attribute and enabling access rules inheritance." $AdminSDHolderProtectedAccount inRemoveAdminCountAttribute -AdminSDHolderProtectedAccount $AdminSDHolderProtectedAccount inEnableAccessRulesInheritance -AdminSDHolderProtectedAccount $AdminSDHolderProtectedAccount } elseif ($AdminSDHolderProtectedAccount.AdminCountAttribute) { Write-Output -InputObject "`nRemoving adminCount attribute." $AdminSDHolderProtectedAccount inRemoveAdminCountAttribute -AdminSDHolderProtectedAccount $AdminSDHolderProtectedAccount } } else { Write-Output -InputObject "`nWHATIF: To remove adminCount attribute and restore access rules inheritance, specify -Remove and -YesRemove parameters." $AdminSDHolderProtectedAccount Write-Output -InputObject "`nWHATIF: No changes were made." } } } else { Write-Output -InputObject "`nAccount $SamAccountName$UserPrincipalName not found.`n" } } |