Remove-CMSecurityScopeFromAdministrativeUser

Removes the association between security scopes and an administrative user.

Syntax

Remove-CMSecurityScopeFromAdministrativeUser
      -SecurityScopeId <String>
      -AdministrativeUser <IResultObject>
      [-Force]
      [-DisableWildcardHandling]
      [-ForceWildcardHandling]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Remove-CMSecurityScopeFromAdministrativeUser
      -SecurityScopeName <String>
      -AdministrativeUser <IResultObject>
      [-Force]
      [-DisableWildcardHandling]
      [-ForceWildcardHandling]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Remove-CMSecurityScopeFromAdministrativeUser
      -SecurityScope <IResultObject>
      -AdministrativeUser <IResultObject>
      [-Force]
      [-DisableWildcardHandling]
      [-ForceWildcardHandling]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Remove-CMSecurityScopeFromAdministrativeUser
      -SecurityScopeId <String>
      -AdministrativeUserId <Int32>
      [-Force]
      [-DisableWildcardHandling]
      [-ForceWildcardHandling]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Remove-CMSecurityScopeFromAdministrativeUser
      -SecurityScopeName <String>
      -AdministrativeUserId <Int32>
      [-Force]
      [-DisableWildcardHandling]
      [-ForceWildcardHandling]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Remove-CMSecurityScopeFromAdministrativeUser
      -SecurityScope <IResultObject>
      -AdministrativeUserId <Int32>
      [-Force]
      [-DisableWildcardHandling]
      [-ForceWildcardHandling]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Remove-CMSecurityScopeFromAdministrativeUser
      -SecurityScopeName <String>
      -AdministrativeUserName <String>
      [-Force]
      [-DisableWildcardHandling]
      [-ForceWildcardHandling]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Remove-CMSecurityScopeFromAdministrativeUser
      -SecurityScopeId <String>
      -AdministrativeUserName <String>
      [-Force]
      [-DisableWildcardHandling]
      [-ForceWildcardHandling]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Remove-CMSecurityScopeFromAdministrativeUser
      -SecurityScope <IResultObject>
      -AdministrativeUserName <String>
      [-Force]
      [-DisableWildcardHandling]
      [-ForceWildcardHandling]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

The Remove-CMSecurityScopeFromAdministrativeUser cmdlet removes the association between one or more security scopes and an administrative user.

After you remove the association between a security scope and an administrative user, the administrative user cannot view the objects in Microsoft System Center Configuration Manager that are associated with the security scope, and no longer has the permission to perform the tasks that are related to those objects.

Examples

Example 1: Remove a security scope from an administrative user

PS C:\> Remove-CMSecurityScopeFromAdministrativeUser -AdministrativeUserName "Contoso\PattiFuller" -SecurityScopeName "SecScope02"

This command removes the association between the security scope named SecScope02 and the administrative user named Contoso\PattiFuller.

Required Parameters

-AdministrativeUser

Specifies a CMAdministrativeUser object. To obtain a CMAdministrativeUser object, use the Get-CMAdministrativeUser cmdlet.

Type:IResultObject
Position:Named
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False
-AdministrativeUserId

Specifies the ID of an administrative user.

Type:Int32
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-AdministrativeUserName

Specifies the name of an administrative user.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-SecurityScope

Specifies a security scope object. To obtain a security scope object, use the Get-CMSecurityScope cmdlet.

Type:IResultObject
Position:Named
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False
-SecurityScopeId

Specifies the ID of a security scope.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-SecurityScopeName

Specifies the name of a security scope. A security scope name can be Default or the name of a custom security scope.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Optional Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Accept pipeline input:False
Accept wildcard characters:False
-DisableWildcardHandling

DisableWildcardHandling treats wildcard characters as literal character values. Cannot be combined with ForceWildcardHandling.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Force

Forces the command to run without asking for user confirmation.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ForceWildcardHandling

ForceWildcardHandling processes wildcard characters and may lead to unexpected behavior (not recommended). Cannot be combined with DisableWildcardHandling.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Accept pipeline input:False
Accept wildcard characters:False