Removing Role-Owners from Roles
Removing Role-Owners from Roles
In this section it is discussed how role owners can be removed from roles in a given context. The cmdlet Revoke-EmdbPermission is used to perform that task.
Examples:
Hint: The execution of these examples requires a connected PowerShell drive. |
Since a permission is specified by a triplet of a user resp. an external group, a context and a role this objects have to be retrieved first:
$MyUser = Get-EmdbUser -Path 'emdb:\rootDSE\Managed Users & Computers\Users\Tester' $MyContext = Get-EmdbDomain -Path 'emdb:\rootDSE\Managed Users & Computers\TestingArea' $MyRole = Get-EmdbRole -Path 'Testing Manager' |
Next the permission can be removed:
Revoke-EmdbPermission -Role $MyRole -Grantee $MyUser -OnObject $MyContext |