When submitting an uninstall request, users are not being removed from AD Groups.
This is a current limitation with App Broker. When uninstalling, users will not be removed from AD Groups when submitting an uninstall request.
To work around this Limitation, a command action can be invoked in the On Success Uninstall event for the Catalog Item. The following steps can be used to implement this:
param(
[string]$groupName, #specify a custom variable containing the group name
[string]$userName #pass the variable ##UserName##
)
Remove-ADGroupMember -identity $groupName -Members $userName -Confirm:$false
##Custom_GroupName## ##UserName##
Note that ##Custom_GroupName## is a custom variable that will be created in the next step. The variable ##UserName## resolves to the target user name. The following screen capture illustrates the Command settings:
After following these steps, the target user should be removed from the specified group name when after the uninstallation successfully com.
Jul 11, 2022 07:45 AM