GroupID Automate & Self-Service
We have multiple groups in our environment and we would like to set different expiry policies for different sets of groups.
To apply the expiry policy through the management shell, launch GroupID Management Shell and issue the following commands depending on the requirement. Please note that the number of days set for the expiry policy must be one of the supported values.
To apply the expiry policy on a single group, use the identity switch with the DN of the group to which you want to apply the policy.
Here is how the command looks and behaves when we run it in GroupID Management Shell:
To apply the policy on multiple groups, use the SearchContainer filter with the DN of the OU and then use the Set-Group switch to apply. The given command will retrieve all the groups from the specified OU and apply the expiry policy of 60 days to all of them.
The command will remain the same as in case of an OU; however, this time you will use the domain name.
- Set-Group -Identity " DN of the target group" -ExpirationPolicy '60'
- Get-Group -SearchContainer "DN of the target OU" | Set-Group -ExpirationPolicy '60'
- Get-Group -SearchContainer "target domain" | Set-Group -ExpirationPolicy '60'
For more information, type the cmdlet, get-help Set-Group –Full or refer to the GroupID Management Shell guide.
GroupID Management Shell Guide