remove-items-from-active-directory-n-dsmgmt-directory-service-management-ne [DSRM]

DSRM.exe (installable option either via RSAT /AD DS or adminpack.msi)

Delete objects from active directory.

Syntax DSRM ObjectDN [-subtree [-exclude]] [-noprompt] [{-s Server | -d Domain}] [-u UserName] [-p {Password | *}] [-c] [-q] [{-uc | -uco | -uci}]Key ObjectDN Distinguished name of the group that you want to remove. If omitted will be taken from standard input (stdin) -subtree Delete the object and all objects contained in its subtree. -exclude Delete all objects contained in the subtree, but not the object itself. -noprompt Do not prompt to confirm deletion. -s Server Connect to a remote server/domain, default=%logonserver% domain controller. -c Continue with the next object after any error (when you specify multiple target objects) by default dsrm will exit when the first error occurs. -q Quiet, suppress all output -uc Unicode format -uco Unicode format for output only -uci Unicode format for input only


Remove all objects under the OU AcmeCo, but leave the OU intact:

C:> dsrm -subtree -exclude -noprompt -c “OU=AcmeCo,DC=ss64,DC=Com”

Find all the computer objects that have been inactive in AD for the last 52 weeks and remove them:

C:> dsquery computer -inactive 52 | dsrm -noprompt

“If future generations are to remember us with gratitude rather than contempt, we must leave them more than the miracles of technology. We must leave them a glimpse of the world as it was in the beginning, not just after we got through with it” ~ President Lyndon B. Johnson


DSAdd – Add object
DSMod – Modify object
DSGet – Display object
DSMove – Move object
DSQuery – Search for objects
OldCmp – Joeware utility for safely removing User and Computer accounts.
Equivalent bash commands (Linux): groupdel/userdel – Delete user/group


Β« Back to Glossary Index