public/Remove-RBACComponent.ps1
|
Function Remove-RBACComponent { [CmdletBinding(SupportsShouldProcess=$true,ConfirmImpact='high')] Param ( [Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true, Position=0)] [ValidateScript({ $(get-rbacComponent).component.contains($_) })] [ArgumentCompleter( {(get-RBACComponent).Component})] [String]$Component, [Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true, Position=1)] [ValidateScript({[bool](get-rbacOrg -org $_)})] [ArgumentCompleter( {(get-RBACOrg).Org})] [String]$Org ) BEGIN { $shouldProcess = @{ Confirm = [bool]($ConfirmPreference -ne "none") Whatif = [bool]($WhatIfPreference.IsPresent) } $ComputerTargetPath = "OU={0},OU={1},{2}" -f $ComputersOU, $GlobalOUStruct.name, $GlobalOUStruct.path } Process { if ($PsItem.org) { $Org = $_.Org} if ($PsItem.Component) {$Component = $_.Component} if ($Org) { $OrgList = get-rbacOrg -org $org } else { $OrgList = get-rbacOrg } foreach ($orgObject in $orgList) { if ($component) { $ComponentList = get-RBACComponent -org $orgObject.org -Component $Component -detailed } else { $ComponentList = get-rbacComponent -org $orgObject.org -detailed } foreach ($componentObject in $componentList) { write-Host ("Moving any computer objects out to Global @ {0}" -f $ComputerTargetPath ) $EndpointList = get-RBACComponentEndpoints -org $orgObject.Org -component $ foreach ($endpoint in $endpointList) { $MoveParams = @{ identity = $endpoint.distinguishedName TargetPath = $ComputerTargetPath } $moveParams move-adobject @MoveParams @shouldProcess } $RemovePath = $ComponentObject.distinguishedName if ($PSCmdlet.ShouldProcess($removePath,"Removing protection and deleting OU Subtree")) { DeleteOUSubtreeWithConfirm -path $removePath -Confirm:$false } foreach ($GPOItem in ($componentTemplate.GPOs.getEnumerator())) { $GPOName = "{0}-{1}" -f $GPOItem.metadata.NamePrefix, $ComponentObject.ObjectMidName if ($PSCmdlet.ShouldProcess($GPOName,"Deleting GPO")) { remove-gpo -name $GPOName -verbose } } } } } } |