{"id":9002,"date":"2025-07-01T08:18:07","date_gmt":"2025-07-01T08:18:07","guid":{"rendered":"https:\/\/pariswells.com\/blog\/?p=9002"},"modified":"2025-10-03T01:59:01","modified_gmt":"2025-10-03T01:59:01","slug":"powershell-for-fixing-admincount-variable-for-users-who-have-left-privledged-roles-onprem","status":"publish","type":"post","link":"https:\/\/pariswells.com\/blog\/research\/powershell-for-fixing-admincount-variable-for-users-who-have-left-privledged-roles-onprem","title":{"rendered":"Powershell for Fixing AdminCount variable for Users who have left privledged \\ senstive roles onPrem"},"content":{"rendered":"\n
# Import Active Directory module\nImport-Module ActiveDirectory\n\n# Get all users with adminCount=1\n$adminUsers = Get-ADUser -LDAPFilter \"(adminCount=1)\" -Properties MemberOf,adminCount\n\n# Get all groups with adminCount=1\n$adminGroups = Get-ADGroup -Filter {AdminCount -eq 1}\n\n# Create an array to store users not in admin groups\n$usersNotInAdminGroups = @()\n\n# Check each user\nforeach ($user in $adminUsers) {\n    $isMember = $false\n    \n    # Check membership in each admin group\n    foreach ($group in $adminGroups) {\n        # Get group members\n        $groupMembers = Get-ADGroupMember -Identity $group | Select-Object -ExpandProperty SamAccountName\n        \n        # Check if user is in this group\n        if ($groupMembers -contains $user.SamAccountName) {\n            $isMember = $true\n            break\n        }\n    }\n    \n    # If user is not in any admin groups, add to list\n    if (-not $isMember) {\n        $usersNotInAdminGroups += [PSCustomObject]@{\n            UserName = $user.SamAccountName\n            DisplayName = $user.Name\n            DistinguishedName = $user.DistinguishedName\n        }\n    }\n}\n\n# Clear adminCount for users not in admin groups\nforeach ($user in $usersNotInAdminGroups) {\n    try {\n        Write-Host \"Clearing adminCount for user: $($user.UserName)\"\n        Set-ADUser -Identity $user.UserName -Clear adminCount -ErrorAction Stop\n        Write-Host \"Successfully cleared adminCount for $($user.UserName)\" -ForegroundColor Green\n    }\n    catch {\n        Write-Host \"Failed to clear adminCount for $($user.UserName): $($_.Exception.Message)\" -ForegroundColor Red\n    }\n}\n\n# Output results\nWrite-Host \"`nFinal Results:\"\n$usersNotInAdminGroups | Format-Table -AutoSize<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-9002","post","type-post","status-publish","format-standard","hentry","category-research"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/9002","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/comments?post=9002"}],"version-history":[{"count":2,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/9002\/revisions"}],"predecessor-version":[{"id":9273,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/9002\/revisions\/9273"}],"wp:attachment":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/media?parent=9002"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/categories?post=9002"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/tags?post=9002"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}