Remove-QARSAccessTemplateLink
From PowerGUI Wiki
Delete Access Template links in ActiveRoles Server. This cmdlet requires a connection to be established to the ActiveRoles Server Administration Service by supplying the Proxy parameter.
This cmdlet is part of the Quest ActiveRoles Server product. Use Get-QARSProductInfo to view information about ActiveRoles Server.
Contents |
Syntax
Remove-QARSAccessTemplateLink [-Identity] <IdentityParameter> [-Connection <ArsConnection>] [-ConnectionAccount <string>] [-ConnectionPassword <SecureString>] [-Control <hashtable>] [-Credential <PSCredential>] [-Proxy] [-Service <string>] [-UseGlobalCatalog] [-Confirm] [-WhatIf] [<CommonParameters>]
Detailed Description
Use this cmdlet to delete existing links of Access Templates in ActiveRoles Server. This cmdlet takes Access Template links returned by the respective Get- cmdlet, and requests ActiveRoles Server to delete those links. Each Access Template link contains information on how a certain Access Template is applied to determine access rights of a certain security principal (Trustee) on a certain directory object (securable object). For background information about Access Templates, see ActiveRoles Server Administrator Guide.
The cmdlet has optional parameters that determine the server and the security context for the operation. The connection parameters could be omitted since a connection to a server is normally established prior to using this cmdlet. In this case, the server and the security context are determined by the Connect-QADService cmdlet.
If you do not use Connect-QADService and have no connection established prior to using a cmdlet, then the connection settings, including the server and the security context, are determined by the connection parameters of the first cmdlet you use. Subsequent cmdlets will use those settings by default.
Parameters
| Name | Description | Required? | Pipeline Input | Default Value |
|---|---|---|---|---|
| Connection | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| ConnectionAccount | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| ConnectionPassword | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| Control | Use this parameter to pass request controls (in-controls) to ActiveRoles Server as part of an operation request. In ActiveRoles Server, request controls are used to send extra information along with an operation request, to control how ActiveRoles Server performs the request.
The parameter value is a hash table that defines the names and values of the request controls to be passed to ActiveRoles Server. The parameter syntax is as follows: -Control @{<name> = <value>; [<name> = <value>] ...}
In this syntax, each of the name-value pairs is the name and the value of a single control. For instructions on how to create and use hash tables, see topic "about_associative_array" or "about_hash_tables" in Windows PowerShell Help. For information about ActiveRoles Server request controls, refer to ActiveRoles Server SDK documentation. Note that this parameter only has an effect on the operations that are performed through ActiveRoles Server (connection established using the Proxy parameter); otherwise, this parameter causes an error condition in ActiveRoles Management Shell. | false | false | |
| Credential | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| Identity | You can specify the name, canonical name, or distinguished name (DN) of the link to delete (so as to identify the respective object located in the 'Configuration/AT Links' container in the ActiveRoles Server Configuration namespace).
Normally, pipelining is used to identify links: pass the output of the appropriate Get- cmdlet to this cmdlet. If you do so, the Identity parameter is not to be supplied on the command line. See examples. | true | true (ByValue) | |
| Proxy | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| Service | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| UseGlobalCatalog | For parameter description, see help on the Connect-QADService cmdlet. | false | false | |
| Confirm | Prompts you for confirmation before executing the command. | false | false | |
| WhatIf | Describes what would happen if you executed the command without actually executing the command. | false | false |
Examples
EXAMPLE 1
connect-QADService -Proxy C:\PS>new-QARSAccessTemplateLink newATLink -AccessTemplate 'Configuration/Access Templates/Active Directory/All Objects - Full Control' -DirectoryObject 'CN=Active Directory' -Trustee 'Authenticated Users' C:\PS>remove-QARSAccessTemplateLink newATLink -Confirm
Description
Connect to any available Administration Service, create a new Access Template link, and then delete the link you created.
EXAMPLE 2
connect-QADService -Proxy C:\PS>get-QARSAccessTemplateLink -AccessTemplate 'AccessTemplateName' -Predefined $false | remove-QARSAccessTemplateLink -Confirm
Description
Given the name of an Access Template, ensure that the Access Template is no longer applied to any object (delete all links that are based on that Access Template).
EXAMPLE 3
connect-QADService -Proxy C:\PS>get-QARSAccessTemplateLink -AccessTemplate 'AccessTemplateName' -DirectoryObject 'OrganizationalUnitName' -Predefined $false | remove-QARSAccessTemplateLink -Confirm
Description
Given the name of an Access Template and the name of an organizational unit (OU), remove all security settings on that OU that are determined by that Access Template (remove all links that are based on the given Access Template and applied to the given OU).
EXAMPLE 4
connect-QADService -Proxy C:\PS>get-QARSAccessTemplateLink -AccessTemplate 'AccessTemplateName' -Trustee 'domainName\groupName' -Predefined $false | remove-QARSAccessTemplateLink -Confirm
Description
Given the name of an Access Template and the pre-Windows 2000 name of a group, revoke all access rights from that group that are defined by using that Access Template (remove all links that are based on the given Access Template and point to the given group).
