Functions/UserMangement/Remove-PVGroupMember.ps1
|
Function Remove-PVGroupMember { <# .SYNOPSIS Removes a User as a member from a CyberArk group. .DESCRIPTION Exposes the PACLI Function: "DELETEGROUPMEMBER" .PARAMETER vault The defined Vault name .PARAMETER user The Username of the authenticated User. .PARAMETER group The name of the group. .PARAMETER member The name of the group member to delete .PARAMETER sessionID The ID number of the session. Use this parameter when working with multiple scripts simultaneously. The default is ‘0’. .EXAMPLE Remove-PVGroupMember -vault Lab -user administrator -group auditors -member WebService Deletes "WebService" as a member of vault group "Auditors" .NOTES AUTHOR: Pete Maan #> [CmdLetBinding(SupportsShouldProcess)] [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSShouldProcess", "", Justification = "ShouldProcess handling is in Invoke-PACLICommand")] param( [Parameter( Mandatory = $True, ValueFromPipelineByPropertyName = $True)] [string]$vault, [Parameter( Mandatory = $True, ValueFromPipelineByPropertyName = $True)] [string]$user, [Parameter( Mandatory = $True, ValueFromPipelineByPropertyName = $True)] [Alias("Groupname")] [string]$group, [Parameter( Mandatory = $True, ValueFromPipelineByPropertyName = $True)] [Alias("Username")] [string]$member, [Parameter( Mandatory = $False, ValueFromPipelineByPropertyName = $True)] [int]$sessionID ) PROCESS { $Return = Invoke-PACLICommand $Script:PV.ClientPath DELETEGROUPMEMBER $($PSBoundParameters.getEnumerator() | ConvertTo-ParameterString) if($Return.ExitCode -eq 0) { Write-Verbose "Deleted User $member From $group" [PSCustomObject] @{ "vault" = $vault "user" = $user "sessionID" = $sessionID } | Add-ObjectDetail -TypeName pacli.PoShPACLI } } } |