-
Titre
HOW TO: Removing a membership rule from a Managed Unit or Dynamic Group using ADSI calls -
Description
When working with Managed Units or Dynamic Groups using PowerShell, it is possible to add membership rules using methods similar to those documented in this resource:
https://www.oneidentity.com/community/active-roles/w/wiki/1040/create-dynamic-group-in-powershell
That being said: how can membership rules be removed?
-
Cause
Membership rules can be removed using the RemoveAT(index) method.
-
Résolution
WORKAROUND
For example:
$objGroup = [ADSI] "EDMS://CN=DirSyncTest,OU=Dynamic Groups,DC=lab,DC=local"
$objRuleCollection = $objGroup.MembershipRuleCollection
It is possible to view all of the configured rules by examining $objRuleCollection
It is possible to count the rules by executing:
$objRuleCollection.Count()
To remove the first rule that is configured, run the following:
$objRuleCollection.RemoveAt(0)
$objGroup.SetInfo()
NOTE: In a concurrency model, this method is not thread-safe. The index value that is passed may provide unexpected results if another process modified the membership list.
RESOLUTION
An Enhancement Request has been created to include a thread-safe membership rule remove method.
Product Management will evaluate the request and this feature may become available in a future release of the product.
There are no guarantees that this specific enhancement request will be implemented in a future release.
For more information regarding our Enhancement Request policy, refer to our Global Support Guide on the Support Portal at: https://support.oneidentity.com/essentials/support-guide/
-
Demande de changement
481245