Remove-MsolScopedRoleMember

Note



  • The cmdlets were previously known as the Microsoft Online Services Module for Windows PowerShell cmdlets.

The Remove-MsolScopedRoleMember cmdlet is used to remove a user from an administrative unit-scoped role.

Syntax

Remove-MsolScopedRoleMember -RoleObjectId <Guid> -AdministrativeUnitObjectId <Guid> -RoleMemberObjectId <Guid> [-TenantId <Guid>] [<CommonParameters>]

Remove-MsolScopedRoleMember -RoleObjectId <Guid> -AdministrativeUnitObjectId <Guid> -RoleMemberUserPrincipalName <String> [-TenantId <Guid>] [<CommonParameters>]

Parameters

   -RoleObjectId <Guid>
        The object ID of the role to remove members from.
        
        Required?                    true
        Position?                    named
        Default value                
        Accept pipeline input?       false
        Accept wildcard characters?  false

-AdministrativeUnitObjectId <Guid> 
The object ID of the administrative unit.
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       false
        Accept wildcard characters?  false

 -RoleMemberObjectId 
The object ID of the member to remove. Either -RoleMemberUserPrincipalName or -RoleMemberObjectId must be specified.        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -RoleMemberUserPrincipalName <String>
        The user principal name of the role member to remove. Either -RoleMemberUserPrincipalName or -RoleMemberObjectId must be specified.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
          
    -TenantId <Guid>
        The unique ID of the tenant to perform the operation on. If this is 
        not provided, then the value will default to the tenant of the current user. This parameter is only applicable to partner users.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    <CommonParameters>
        This cmdlet supports the common parameters: Verbose, Debug,
        ErrorAction, ErrorVariable, WarningAction, WarningVariable,
        OutBuffer and OutVariable. For more information, type,
        "get-help about_commonparameters".

Examples

In the following example, user@contoso.com is removed (no longer a member) from the “User Account Administrator” role scoped for administrative unit “West Coast”.

$westcoastau = Get-MsolAdministrativeUnit -searchstring “West Coast” 
$uaadmin = Get-MsolRole -RoleName "User Account Administrator"
$admin1 = Get-MsolUser -UserPrincipalName user@contoso.com
Remove-MsolScopedRoleMember -RoleObjectId $uaadmin.ObjectId - AdministrativeUnitObjectId $westcoastau.ObjectId -RoleMemberObjectId $admin1.ObjectId

Additional Resources

There are several other places you can get more information and help. These include:

See Also

Other Resources

Using Administrative Units - Public Preview
Manage Azure Active Directory by using Windows PowerShell