locked
Remove user from AD RRS feed

  • Question

  • Hi Experts,

    I got a windows server (X) where I have full admin rights to execute commands. I got AD Server IP (Y), username and password.

    How can I execute commands on server X to delete the user from Server Y?

    Please share the PowerShell command with credentials specified in it to delete the user from AD in my case.

    Wednesday, September 18, 2019 3:23 PM

All replies

  • Hi,

    If the user in Server (Y) is a local user, you must have full admin rights too in this server to delete it.

    If the user in Server (Y) is a domain user, you must be member of Domain or Enterprise Admins groups or with administrative delegation to delete it from the "Active Directory Users and Computers" console or using Powershell.

    Regards,

    SAAD Youssef

    ______

    Please remember to mark the replies as answer if they help, thank you!

    Wednesday, September 18, 2019 3:48 PM
  • User is a part of the domain with admin rights. I have a sample email id to delete the user.

    Can you share the command that I can run to delete the user from Server X from domain controller host (y) with Admin rights?

    Can I specify credentials in the command? Appreciate your response.

    Wednesday, September 18, 2019 4:13 PM
  • Just install the RSAT tool in the server (Y) and run the Active Directory Users and Computers, then browse the user and disable it or delete it.

    If you want just deny the user to access remotely to the Server (X), you have to remove it from the Remote Control users or administrators local groups.

    To install RSAT tool, go to “Control Panel” > “Programs” > “Programs and Features” > “Turn Windows features on or off” > enable "Remote Server Administration Tools" and ensure that "AD DS Tools" child feature is enabled too.

    Wednesday, September 18, 2019 4:57 PM
  • Please try to use your search engine to find documents that explain how to use AD.

    https://docs.microsoft.com/en-us/powershell/module/addsadministration/remove-aduser?view=win10-ps


    \_(ツ)_/

    Wednesday, September 18, 2019 5:19 PM
  • Does the document specify how to add user credentials in the powershell command?
    Wednesday, September 18, 2019 5:55 PM
  • I cannot install any of the software. I need to do it only through power shell from Server X. Server Y is the AD server from where I need to delete the user. 
    Wednesday, September 18, 2019 5:57 PM
  • 1. Remote to the remote server and use the code posted.
    2. Use the GUI on the DC.
    3. Write the raw ADSI code to remove a user.
    4. Look in Gallery for code that does what you ask.


    \_(ツ)_/

    Wednesday, September 18, 2019 6:03 PM
  • Does the document specify how to add user credentials in the powershell command?

    Did you even try to read the document. We cannot read it for you.


    \_(ツ)_/

    Wednesday, September 18, 2019 6:05 PM
  • I did read the document before posting a question here but I do not understand how can I pass username and password for the AD server in that powershell command.

    Can you give me a sample command for that?

    Wednesday, September 18, 2019 6:10 PM
  • https://docs.microsoft.com/en-us/powershell/module/addsadministration/get-aduser?view=win10-ps

    Get-AdUser use3rid -Credential | Remove-AdUser

    Please take the time to learn AD and how to use the CmdLets.  The page I linked first has a complete explanation of this for all CmdLets.  You will first need to learn basic PowerShell before continuing.  This forum is not for giving personal instructions in how to use PowerShell.  Learning the basics is your responsibility.


    \_(ツ)_/

    Wednesday, September 18, 2019 6:20 PM
  • I am not an AD admin, I am a third-party too Admin. I am trying to provide an interface to the users of AD group to delete the user from ADs. Thought I would get some quick help but you are becoming impossible. Apart from sharing the solution, you have suggested me everything what doesn't even count.

    Anyways thanks for your response.

    Wednesday, September 18, 2019 6:26 PM
  • How can you advise or help others when you do not even understand the basic technology and can't or won't read the documentation. If you are getting paid for this then shame on you. I hope you do not do too much damage.

    Selling expertise when you are not an expert or even basically trained is unethical.

    Please take the time to learn PowerShell, Active Directory and Windows. We are not here to provide you with solutions that you can sell to others.


    \_(ツ)_/

    Wednesday, September 18, 2019 6:54 PM
  • Btw, before doing anything remotely with Powershell on your domain controller, you have to connect in this server and allow remote connections to it.

    Why not ask another domain administrator to do this operation directly from the domain controller?


    • Edited by SAAD Youssef Wednesday, September 18, 2019 7:21 PM
    Wednesday, September 18, 2019 7:21 PM
  • I tried t find an ADSI script that would remoive users without the AD CmdLets. Apparently somone has been removing older scripts so I haven't found one.

    Here is the template code.

    $user = [adsi]'LDAP://<add distinguished name>'
    $user.DeleteTree()

    To use this with credentials just write the script and run it with PowerShell started with alternate credentials.

    You can also use the ADSI type to authenticate the request.

    $user = [adsi[::New($aDSPath, $username, $password)
    $user = [adsi[::New$aDSPath, $username, $password,[System.DirectoryServices.AuthenticationTypes]::Secure)


    \_(ツ)_/






    Wednesday, September 18, 2019 7:33 PM
  • Her is an article that deals with authentication to AD with ADSI.

    https://www.sherweb.com/blog/cloud-server/fun-with-powershell-domain-authentication/


    \_(ツ)_/

    Wednesday, September 18, 2019 7:51 PM
  • Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If no, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    Lee


    Just do it.

    Thursday, October 3, 2019 2:51 AM