Remove-AipServiceRoleBasedAdministrator
Removes administrative rights from Azure Information Protection.
Syntax
Remove-AipServiceRoleBasedAdministrator
[-ObjectId <Guid>]
[-Role <Role>]
[<CommonParameters>]
Remove-AipServiceRoleBasedAdministrator
[-SecurityGroupDisplayName <String>]
[-Role <Role>]
[<CommonParameters>]
Remove-AipServiceRoleBasedAdministrator
[-EmailAddress <String>]
[-Role <Role>]
[<CommonParameters>]
Description
The Remove-AipServiceRoleBasedAdministrator cmdlet removes administrative rights from Azure Information Protection, so that administrators you have previously delegated to configure the protection service can no longer do so by using PowerShell commands.
You must use PowerShell to configure delegated administrative control for the protection service from Azure Information Protection, you cannot do this configuration by using a management portal.
To see the full list of delegated administrators for the protection service, use Get-AipServiceRoleBasedAdministrator. Run the Remove-AipServiceRoleBasedAdministrator cmdlet for each user or group that you want to remove from the list.
Examples
Example 1: Remove administrative rights by using a display name
PS C:\>Remove-AipServiceRoleBasedAdministrator -SecurityGroupDisplayName "Finance Employees"
This command removes administrative rights from Azure Information Protection for the group that has a display name of "Finance Employees".
Example 2: Remove administrative rights by using an email address
PS C:\>Remove-AipServiceRoleBasedAdministrator -EmailAddress "[email protected]"
This command removes administrative rights from Azure Information Protection for the user who has an email address of "[email protected]".
Parameters
-EmailAddress
Specifies the email address of a user or group to remove administrative rights from Azure Information Protection. If the user has no email address, specify the user's Universal Principal Name.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-ObjectId
Specifies the GUID of a user or group to remove administrative rights from Azure Information Protection.
Type: | Guid |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Role
Specifies a role. The cmdlet removes an administrator that belongs to the role that you specify.
The acceptable values for this parameter are:
ConnectorAdministrator
GlobalAdministrator
If you do not specify a role, the cmdlet removes the administrator from the GlobalAdministrator role.
Type: | Role |
Accepted values: | GlobalAdministrator, ConnectorAdministrator |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-SecurityGroupDisplayName
Specifies the display name of a user or group that should no longer have administrative rights for Azure Information Protection.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |