Uninstall-ADServiceAccount

Uninstall-ADServiceAccount is accessible with the help of addsadministration module. To install addsadministration on your system please refer to this link.

Uninstalls an Active Directory managed service account from a computer or removes a cached group managed service account from a computer.

The Uninstall-ADServiceAccount cmdlet removes an Active Directory standalone managed service account (MSA) on the computer on which the cmdlet is run. For group MSAs, the cmdlet removes the group MSA from the cache, however, if a service is still using the group MSA and the host has permission to retrieve the password a new cache entry will be created. The specified MSA must be installed on the computer.

The Identity parameter specifies the Active Directory MSA to uninstall. You can identify a MSA by its distinguished name (DN), GUID, security identifier (SID), or Security Accounts Manager (SAM) account name. You can also set the parameter to a MSA object variable, such as $ or pass a MSA object through the pipeline to the Identity parameter. For example, you can use the Get-ADServiceAccount to get a MSA object and then pass that object through the pipeline to the Uninstall-ADServiceAccount cmdlet.

For standalone MSA, the ForceRemoveLocal switch parameter will allow you to remove the account from the local LSA without failing the command if an access to a writable DC is not possible. This is required if you are uninstalling the standalone MSA from a server that is placed in a segmented network (i.e. perimeter network) with access only to an RODC. If you pass this parameter and the server has access to a writable DC the standalone MSA will be un-linked from the computer account in the directory as well.

-AuthType 
         Specifies the authentication method to use. Possible values for this parameter include:

    Required?                    false
    Position?                    named
    Default value                Microsoft.ActiveDirectory.Management.AuthType.Negotiate
    Accept pipeline input?       false
    Accept wildcard characters?  false

-ForceRemoveLocal <SwitchParameter>
    The ForceRemoveLocal switch parameter will allow you to remove the account from the local LSA without failing the command if an access to a writable DC is not possible. This is required if you are uninstalling the MSA from a server that is placed in a segmented network (i.e. perimeter network) with access only to an RODC. If you pass this parameter and the server has access to a writable DC the account will be un-linked from the computer account in the directory as well.

    Required?                    false
    Position?                    named
    Default value                
    Accept pipeline input?       false
    Accept wildcard characters?  false

-Identity <ADServiceAccount>
    Specifies an Active Directory account object by providing one of the following property values. The identifier in parentheses is the LDAP display name for the attribute.

    Required?                    true
    Position?                    1
    Default value                
    Accept pipeline input?       True (ByValue)
    Accept wildcard characters?  false

-Confirm <SwitchParameter>
    Prompts you for confirmation before running the cmdlet.

    Required?                    false
    Position?                    named
    Default value                false
    Accept pipeline input?       false
    Accept wildcard characters?  false

-WhatIf <SwitchParameter>
    Shows what would happen if the cmdlet runs. The cmdlet is not run.

    Required?                    false
    Position?                    named
    Default value                false
    Accept pipeline input?       false
    Accept wildcard characters?  false

Notes
This cmdlet does not work with AD LDS.

————————– EXAMPLE 1 ————————–
C:\PS>Uninstall-ADServiceAccount -Identity SQL-SRV1
Uninstall the managed service account SQL-SRV1 from the local machine.

————————– EXAMPLE 2 ————————–
C:\PS>Uninstall-ADServiceAccount sql-hr-01 -ForceRemoveLocal|
Uninstall a standalone Managed Service Account from a server located in a RODC-only site with no access to writable DCs such as a perimeter network.

You can check the Version, CommandType and Source of this cmdlet by giving below command.

You can also read about
. Get-ADServiceAccount
. Install-ADServiceAccount
. New-ADServiceaccount
. Remove-ADServiceaccount
. Set-ADServiceaccount

To know more PowerShell cmdlets(Commands) on addsadministration (Active Directory) click here

Click on this Link for an Single place where you get all the PowerShell cmdlet sorted based on the modules.

You can also refer other blogs on PowerShell at link

You can also refer other blogs on Microsoft at link

And also if you required any technology you want to learn, let us know below we will publish them in our site http://tossolution.com/

Like our page in Facebook and follow us for New technical information.

References are taken from Microsoft