cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Symptoms:

When submitting an uninstall request, users are not being removed from AD Groups.

Diagnosis:

This is a current limitation with App Broker. When uninstalling, users will not be removed from AD Groups when submitting an uninstall request. 

Solution:

To work around this Limitation, a command action can be invoked in the On Success Uninstall event for the Catalog Item. The following steps can be used to implement this:

  1. Create a new text file named removeFromGroup.ps1.
  2. Edit removeFromGroup.ps1 and add the following to the script:

param(
[string]$groupName, #specify a custom variable containing the group name
[string]$userName #pass the variable ##UserName##
)
Remove-ADGroupMember -identity $groupName -Members $userName -Confirm:$false

  1. Under Site Management -> Commands and Actions -> Script Commands, create a new command named removeFromGroup. Under Command File, select the removeFromGroup.ps1 created previously.
  2. For the command arguments, specify the following:

 ##Custom_GroupName## ##UserName##

Note that  ##Custom_GroupName## is a custom variable that will be created in the next step. The variable ##UserName## resolves to the target user name.  The following screen capture illustrates the Command settings:

CommandAction.png

  1. To create the custom variable, open the catalog item, and go to the Custom Variables tab. Select "Add New Variable, and set the variable name to "GroupName". Set the value to the name of the AD Group where the user will be removed. The following screen capture shows the custom variable configuration:

CustomVariable.png

  1. Next, go to the Actions tab of the catalog item, and select the "On Success Uninstall" event. Under Add an action, select Command Execution for "Select a service", and "RemoveFromGroup" action for "Select a method or command". Finally, select the Add button to save the action. The following illustrates:

Action.png

After following these steps, the target user should be removed from the specified group name when after the uninstallation successfully com.

Was this article helpful? Yes No
No ratings
Version history
Last update:
‎Jul 11, 2022 07:45 AM
Updated by: