Remove-ADXForeignSecurityPrincipal

Namespace ADPlayground.PowerShell

Removes Foreign Security Principals. Defaults to removing orphaned FSPs (no references) with WhatIf/Confirm support.

Examples

Authored help example

Example 1: Preview orphaned removals


Remove-ADXForeignSecurityPrincipal -WhatIf

Example 2: Remove specific FSP by DN (with confirmation)


Remove-ADXForeignSecurityPrincipal -DistinguishedName 'CN=S-1-5-21-...,...' -Confirm

Example 3: Remove orphaned FSPs and emit removed objects


$removed = Remove-ADXForeignSecurityPrincipal -OrphanedOnly -PassThru -Confirm; $removed.Count

Common Parameters

This command supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable.

For more information, see about_CommonParameters.

Syntax

Remove-ADXForeignSecurityPrincipal [-DistinguishedName <string[]>] [-Domain <string>] [-Max <int>] [-OrphanedOnly] [-PassThru] [<CommonParameters>]

Parameters

DistinguishedName string[] optionalposition: namedpipeline: false: One or more distinguished names (DNs) of Foreign Security Principals to remove explicitly. When provided, the cmdlet will not enumerate; only the specified DNs are targeted.
Domain string optionalposition: namedpipeline: false: Optional domain NetBIOS/LDAP name to scope enumeration. When omitted, the current forest is scanned.
Max int optionalposition: namedpipeline: false: Limits the maximum number of FSP entries to remove. Use 0 for no limit.
OrphanedOnly SwitchParameter optionalposition: namedpipeline: false: Restrict removal to orphaned FSPs only (no group or other references). If -DistinguishedName is provided, this switch is ignored.
PassThru SwitchParameter optionalposition: namedpipeline: false: Emit removed FSP objects (DN/Domain/Identity/Reasons) in addition to the count.