Site icon TOSS

Remove-ADDomainControllerPasswordReplicationPolicy

powershell

Remove-ADDomainControllerPasswordReplicationPolicy is accessible with the help of addsadministration module. To install addsadministration on your system please refer to this link.

Synopsis

Removes users, computers and groups from the allowed or denied list of a read-only domain controller password replication policy.

Description

The Remove-ADDomainControllerPasswordReplicationPolicy cmdlet removes one or more users, computers and groups from the allowed or denied list of a read-only domain controller (RODC) password replication policy.

The Identity parameter specifies the RODC that uses the allowed and denied lists to apply the password replication policy. You can identify a domain controller by its GUID, IPV4Address, global IPV6Address, or DNS host name. You can also identify a domain controller by the name of the server object that represents the domain controller, the Distinguished Name (DN) of the NTDS settings object or the server object, the GUID of the NTDS settings object or the server object under the configuration partition, or the DN of the computer object that represents the domain controller. You can also set the Identity parameter to a domain controller object variable, such as $, or pass a domain controller object through the pipeline to the Identity parameter. For example, you can use the Get-ADDomainController cmdlet to retrieve a domain controller object and then pass the object through the pipeline to the Remove-ADDomainControllerPasswordReplicationPolicy cmdlet. You must provide a read-only domain controller.

The AllowedList parameters specify the users, computers and groups to remove from the allowed list. Similarly, the DeniedList parameter specifies the users, computers and groups to remove from the denied list. You must specify either one or both of the AllowedList and DeniedList parameters. You can identify a user, computer or group by distinguished name (DN), GUID, security identifier (SID) or security accounts manager (SAM) account name. You can also specify user, computer or group variables, such as $. If you are specifying more than one item, use a comma-separated list.

Parameters

  -Confirm 
         Prompts you for confirmation before running the cmdlet.

   Required?                    false
    Position?                    named
    Default value                false
    Accept pipeline input?       false
    Accept wildcard characters?  false

-WhatIf <SwitchParameter>
    Shows what would happen if the cmdlet runs. The cmdlet is not run.

    Required?                    false
    Position?                    named
    Default value                false
    Accept pipeline input?       false
    Accept wildcard characters?  false

Syntax

Remove-ADDomainControllerPasswordReplicationPolicy [-WhatIf] [-Confirm] -AllowedList <ADPrincipal[]> [-AuthType <ADAuthType>] [-Credential <PSCredential>] [-Identity] <ADDomainController> [-PassThru] [-Server <String>] [<CommonParameters>]

Remove-ADDomainControllerPasswordReplicationPolicy [-WhatIf] [-Confirm] [-AuthType <ADAuthType>] [-Credential <PSCredential>] -DeniedList <ADPrincipal[]> [-Identity] <ADDomainController> [-PassThru] [-Server <String>] [<CommonParameters>]

Notes
This cmdlet does not work with AD LDS.

————————– EXAMPLE 1 ————————–
C:\PS>Remove-ADDomainControllerPasswordReplicationPolicy -Identity “TOSSolution-RODC1” -AllowedList “RameshRaj”, “MaheshSing”
Remove the users with samAccountNames ‘RameshRaj’ and ‘MaheshSing’ from the Allowed list on the RODC ‘TOSSolution-RODC1’.

————————– EXAMPLE 2 ————————–
C:\PS>Remove-ADDomainControllerPasswordReplicationPolicy -Identity “TOSSolution-RODC1” -DeniedList “GirijaKumari”, “DivyaGangadhara”
Remove the users with samAccountNames ‘GirijaKumari’ and ‘DivyaGangadhara’ from the Denied list on the RODC ‘TOSSolution-RODC1’.

You can check the Version, CommandType and Source of this cmdlet by giving below command.

Get-Command Remove-ADDomainControllerPasswordReplicationPolicy

You can also read about
. Add-ADDomainControllerPasswordReplicationPolicy
. Get-ADDomainController
. Get-ADDomainControllerPasswordReplicationPolicy

To know more PowerShell cmdlets(Commands) on addsadministration (Active Directory) click here

Click on this Link for an Single place where you get all the PowerShell cmdlet sorted based on the modules.

You can also refer other blogs on PowerShell at link

You can also refer other blogs on Microsoft at link

And also if you required any technology you want to learn, let us know below we will publish them in our site http://tossolution.com/

Like our page in Facebook and follow us for New technical information.

References are taken from Microsoft

Exit mobile version