Remove-CMSecurityRoleFromAdministrativeUser
Remove the association between a security role and an administrative user.
Syntax
Remove-CMSecurityRoleFromAdministrativeUser
-AdministrativeUserName <String>
[-Force]
-RoleName <String>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Remove-CMSecurityRoleFromAdministrativeUser
-AdministrativeUser <IResultObject>
[-Force]
-RoleId <String>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Remove-CMSecurityRoleFromAdministrativeUser
-AdministrativeUser <IResultObject>
[-Force]
-RoleName <String>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Remove-CMSecurityRoleFromAdministrativeUser
-AdministrativeUser <IResultObject>
[-Force]
-Role <IResultObject>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Remove-CMSecurityRoleFromAdministrativeUser
-AdministrativeUserId <Int32>
[-Force]
-RoleId <String>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Remove-CMSecurityRoleFromAdministrativeUser
-AdministrativeUserId <Int32>
[-Force]
-RoleName <String>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Remove-CMSecurityRoleFromAdministrativeUser
-AdministrativeUserId <Int32>
[-Force]
-Role <IResultObject>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Remove-CMSecurityRoleFromAdministrativeUser
-AdministrativeUserName <String>
[-Force]
-RoleId <String>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Remove-CMSecurityRoleFromAdministrativeUser
-AdministrativeUserName <String>
[-Force]
-Role <IResultObject>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Use this cmdlet to remove the association between one or more security roles and an administrative user. After you remove the association of a security role with an administrative user, the administrative user can't view the objects in Configuration Manager that are associated with the security role. They also no longer have the permission to do the tasks that are related to those objects.
Note
Run Configuration Manager cmdlets from the Configuration Manager site drive, for example PS XYZ:\>. For more information, see getting started.
Examples
Example 1: Remove a security role from an administrative user
This command removes the association between the security role named Security Update Manager and the administrative user named Contoso\PattiFuller. Since it specifies the Force parameter, it runs without prompting.
Remove-CMSecurityRoleFromAdministrativeUser -AdministrativeUserName "Contoso\PattiFuller" -RoleName "Security Update Manager" -ForceParameters
-AdministrativeUser
Specify an administrative user object to configure. To get this object, use the Get-CMAdministrativeUser cmdlet.
| Type: | IResultObject |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-AdministrativeUserId
Specify the ID of the administrative user to configure. This value is the AdminID property, which is an integer value. For example, 16777234.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AdministrativeUserName
Specify the name of the administrative user to configure.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DisableWildcardHandling
This parameter treats wildcard characters as literal character values. You can't combine it with ForceWildcardHandling.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Force
Forces the command to run without asking for user confirmation.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ForceWildcardHandling
This parameter processes wildcard characters and may lead to unexpected behavior (not recommended). You can't combine it with DisableWildcardHandling.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Role
Specify a security role object to remove. To get this object, use the Get-CMSecurityRole cmdlet.
| Type: | IResultObject |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-RoleId
Specify the ID of the security role to remove. This value is the RoleID property, for example SMS000AR for the OS Deployment Manager role.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RoleName
Specify the name of the security role to remove.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet doesn't run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Microsoft.ConfigurationManagement.ManagementProvider.IResultObject
Outputs
System.Object