Remove-EntraFeatureRolloutPolicyDirectoryObject
Allows an admin to remove a group from the cloud authentication rollout policy in Microsoft Entra ID. Users in this group revert back to the authenticating using the global policy (in most cases this will be federation).
Syntax
Remove-EntraFeatureRolloutPolicyDirectoryObject
-DirectoryObjectId <String>
-FeatureRolloutPolicyId <String>
[<CommonParameters>] Description
An admin uses the Remove-EntraFeatureRolloutPolicyDirectoryObject cmdlet to remove groups from the cloud authentication roll-out policy.
Users in these groups start authenticating against the global authentication policy (for example,
federation). Specify DirectoryObjectId and FeatureRolloutPolicyId parameter to remove groups from the cloud authentication roll-out policy.
Examples
Example 1: Removes a group from the cloud authentication roll-out policy from Microsoft Entra ID
Connect-Entra -Scopes 'Directory.ReadWrite.All'
$policy = Get-EntraFeatureRolloutPolicy -Filter "displayName eq 'MFA Rollout Policy'"
$group = Get-EntraGroup -Filter "displayName eq 'Sales and Marketing'"
Remove-EntraFeatureRolloutPolicyDirectoryObject -FeatureRolloutPolicyId $policy.Id -DirectoryObjectId $group.IdThis command removes a group from the cloud authentication roll-out policy from Microsoft Entra ID.
-FeatureRolloutPolicyIdParameter specifies the ID of the cloud authentication roll-out policy.-DirectoryObjectIdparameter specifies the ID of the specific Microsoft Entra ID directory object that assigned to the cloud authentication roll-out policy.
Parameters
-DirectoryObjectId
The unique identifier of the specific Microsoft Entra ID object that assigned to the cloud authentication roll-out policy in Microsoft Entra ID.
| Type: | System.String |
| Aliases: | ObjectId |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-FeatureRolloutPolicyId
The unique identifier of the cloud authentication roll-out policy in Microsoft Entra ID.
| Type: | System.String |
| Aliases: | Id |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |