Remove-EntraFeatureRolloutPolicyDirectoryObject
Allows an admin to remove a group from the cloud authentication rollout policy in Microsoft Entra ID. Users in this group revert back to the authenticating using the global policy (in most cases this will be federation).
Syntax
Remove-EntraFeatureRolloutPolicyDirectoryObject
-ObjectId <String>
-Id <String>
[<CommonParameters>] Description
An admin uses the Remove-EntraFeatureRolloutPolicyDirectoryObject cmdlet to remove groups from the cloud authentication roll-out policy.
Users in these groups start authenticating against the global authentication policy (for example,
federation). Specify ObjectId and Id parameter to remove groups from the cloud authentication roll-out policy.
Examples
Example 1: Removes a group from the cloud authentication roll-out policy from Microsoft Entra ID
Connect-Entra -Scopes 'Directory.ReadWrite.All'
$params = @{
Id = '00aa00aa-bb11-cc22-dd33-44ee44ee44ee'
ObjectId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb'
}
Remove-EntraFeatureRolloutPolicyDirectoryObject @paramsThis command removes a group from the cloud authentication roll-out policy from Microsoft Entra ID.
-IdParameter specifies the ID of the cloud authentication roll-out policy.-ObjectIdparameter specifies the ID of the specific Microsoft Entra ID object that assigned to the cloud authentication roll-out policy.
Parameters
-ID
The unique identifier of the cloud authentication roll-out policy in Microsoft Entra ID.
| Type: | System.String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ObjectId
The unique identifier of the specific Microsoft Entra ID object that assigned to the cloud authentication roll-out policy in Microsoft Entra ID.
| Type: | System.String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |