Setting Expiration Policy for Groups in Bulk Using Management Shell
Applies To
Netwrix Directory Manager 11
Overview
This article explains how to use the Netwrix Directory Manager Management Shell to set the expiration policy for groups in bulk. Follow the steps below to complete this task.
NOTE: Before making any changes to your environment, create a backup or snapshot of the Netwrix Directory Manager server. Additionally, test the provided method on a small number of groups first. Once confirmed successful, apply it to the remaining groups in bulk.
Instructions
-
Launch the Netwrix Directory Manager Management Shell.
-
Use the following cmdlet to export the Common Names of all groups for which you want to apply the bulk expiration policy into a CSV file:
Get-group | Select CN | Export-csv "PATH TO EXPORT FILE" -NoTypeInformation
- To limit the export to a specific organizational unit (OU), use the following cmdlet instead:
Get-group -SearchContainer "DISTINGUISH_NAME OF THE OU" | Select CN | Export-CSV "PATH TO EXPORT FILE" -NoTypeInformation
- Import the data from the exported CSV file and apply the expiration policy using the following cmdlet:
$Data = Import-CSV "PATH OF THE EXPORTED FILE"
Foreach($d in $data) {Set-Group -Identity $d.Cn -ExpirationPolicy "120" -ExtendGroupLife}
The value 120 represents the number of days before expiration and can be adjusted as needed.
NOTE: For additional assistance, contact Netwrix Technical Support.