I often find myself needing to audit group membership for various reasons (mostly just to clean up disabled users…turnover is a pain). Typically when I’m doing anything in scale I like to loop through an array to make my life easier, like I do in the following script to remove users from AD groups. In this particular instance, I usually receive an array of UPN’s that someone wishes to have removed from a group. Given that I do a split so that I only grab the sAMAccountName.
$arrDisabledUsers = Get-Content C:\DisabledUsers.txt
$strGroup1 = "Group1"
$strGroup2 = "Group2"
foreach($strUser in $arrDisabledUsers)
$strUserSplit = $strUser.Split("@")
Remove-ADGroupMember -Identity $strGroup1 -Member $strUserSplit -Confirm:$false
Remove-ADGroupMember -Identity $strGroup2 -Member $strUserSplit -Confirm:$false
Write-Host $strUserSplit "removed from Group1 & Group2 groups" -ForegroundColor Magenta