Remove-LocalGroupMemberRemote

Windows: Removes members from a local group on a computer

Script

#Requires -Version 5.1

[CmdletBinding()]
Param (
    [Parameter(Mandatory = $true)]
    [string]$GroupName,

    [Parameter(Mandatory = $true)]
    [string[]]$Member,

    [string]$ComputerName = $env:COMPUTERNAME,

    [pscredential]$Credential
)

Process {
    try {
        $scriptBlock = {
            Param($Group, $OldMembers)
            Remove-LocalGroupMember -Group $Group -Member $OldMembers -Confirm:$false -ErrorAction Stop
            Get-LocalGroupMember -Group $Group | Select-Object Name, SID
        }

        if ($ComputerName -ne $env:COMPUTERNAME) {
            $invokeParams = @{
                'ComputerName' = $ComputerName
                'ScriptBlock'  = $scriptBlock
                'ArgumentList' = @($GroupName, $Member)
                'ErrorAction'  = 'Stop'
            }
            if ($null -ne $Credential) {
                $invokeParams.Add('Credential', $Credential)
            }

            $result = Invoke-Command @invokeParams
        }
        else {
            $result = &$scriptBlock -Group $GroupName -OldMembers $Member
        }

        $output = [PSCustomObject]@{
            GroupName      = $GroupName
            RemovedMembers = $Member -join ", "
            RemainingCount = if ($result) { $result.Count } else { 0 }
            ComputerName   = $ComputerName
            Action         = "MembersRemoved"
            Timestamp      = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
        }

        Write-Output $output
    }
    catch {
        throw
    }
}

Customize

GroupName string

Specifies the name of the local group.

Member string

Specifies one or more members to remove (e.g., "Domain\User", "User01").

ComputerName string

Specifies the name of the target computer. Defaults to the local computer.

env string

Credential pscredential

Specifies a PSCredential object for remote connection.