Remove-CMSecurityScopeFromAdministrativeUser

  • Article

Remove-CMSecurityScopeFromAdministrativeUser

Removes the association between security scopes and an administrative user.

Syntax

Parameter Set: RemoveScopeFromAdminByName_Name
Remove-CMSecurityScopeFromAdministrativeUser -AdministrativeUserName <String> -SecurityScopeName <String> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: RemoveScopeFromAdminById_Id
Remove-CMSecurityScopeFromAdministrativeUser -AdministrativeUserId <Int32> -SecurityScopeId <String> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: RemoveScopeFromAdminById_Name
Remove-CMSecurityScopeFromAdministrativeUser -AdministrativeUserName <String> -SecurityScopeId <String> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: RemoveScopeFromAdminById_Object
Remove-CMSecurityScopeFromAdministrativeUser -AdministrativeUser <IResultObject> -SecurityScopeId <String> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: RemoveScopeFromAdminByName_Id
Remove-CMSecurityScopeFromAdministrativeUser -AdministrativeUserId <Int32> -SecurityScopeName <String> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: RemoveScopeFromAdminByName_Object
Remove-CMSecurityScopeFromAdministrativeUser -AdministrativeUser <IResultObject> -SecurityScopeName <String> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: RemoveScopeFromAdminByObject_Id
Remove-CMSecurityScopeFromAdministrativeUser -AdministrativeUserId <Int32> -SecurityScope <IResultObject> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: RemoveScopeFromAdminByObject_Name
Remove-CMSecurityScopeFromAdministrativeUser -AdministrativeUserName <String> -SecurityScope <IResultObject> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: RemoveScopeFromAdminByObject_Object
Remove-CMSecurityScopeFromAdministrativeUser -AdministrativeUser <IResultObject> -SecurityScope <IResultObject> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Detailed Description

The Remove-CMSecurityScopeFromAdministrativeUser cmdlet removes the association between one or more security scopes and an administrative user.

After you remove the association between a security scope and an administrative user, the administrative user cannot view the objects in Microsoft System Center 2012 SP1 Configuration Manager that are associated with the security scope, and no longer has the permission to perform the tasks that are related to those objects.

Parameters

-AdministrativeUser<IResultObject>

Specifies a CMAdministrativeUser object. To obtain a CMAdministrativeUser object, use the Get-CMAdministrativeUser cmdlet.

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-AdministrativeUserId<Int32>

Specifies the ID of an administrative user.

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-AdministrativeUserName<String>

Specifies the name of an administrative user.

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-Force

Forces the command to run without asking for user confirmation.

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-SecurityScope<IResultObject>

Specifies a security scope object. To obtain a security scope object, use the Get-CMSecurityScope cmdlet.

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-SecurityScopeId<String>

Specifies the ID of a security scope.

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-SecurityScopeName<String>

Specifies the name of a security scope. A security scope name can be Default or the name of a custom security scope.

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-Confirm

Prompts you for confirmation before running the cmdlet.

Required?

false

Position?

named

Default Value

false

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Required?

false

Position?

named

Default Value

false

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

<CommonParameters>

This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see    about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

Outputs

The output type is the type of the objects that the cmdlet emits.

Examples

Example 1: Remove a security scope from an administrative user

This command removes the association between the security scope named SecScope02 and the administrative user named Contoso\PattiFuller.

PS C:\> Remove-CMSecurityScopeFromAdministrativeUser -AdministrativeUserName "Contoso\PattiFuller" -SecurityScopeName "SecScope02"

Add-CMSecurityScopeToAdministrativeUser

Get-CMAdministrativeUser

Get-CMSecurityScope

New-CMSecurityScope

Remove-CMSecurityScope

Set-CMSecurityScope