Edit

Share via

Remove-EntraBetaDirectoryRoleMember

Module:
Microsoft.Entra.Beta

Removes a member of a directory role.

Syntax

Remove-EntraBetaDirectoryRoleMember
      -DirectoryRoleId <String>
      -MemberId <String>
      [<CommonParameters>]

Description

The Remove-EntraBetaDirectoryRoleMember cmdlet removes a member from a directory role in Microsoft Entra ID.

In delegated scenarios, the signed-in user must have either a supported Microsoft Entra role or a custom role with the necessary permissions. The minimum roles required for this operation are:

  • Privileged Role Administrator

Examples

Example 1: Remove a member from a directory role

Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory'
$directoryRole = Get-EntraBetaDirectoryRole -Filter "displayName eq 'Helpdesk Administrator'"
$member = Get-EntraBetaDirectoryRoleMember -DirectoryRoleId $directoryRole.Id | Select Id, DisplayName, '@odata.type' | Where-Object {$_.DisplayName -eq 'Sawyer Miller'}
Remove-EntraBetaDirectoryRoleMember -DirectoryRoleId $directoryRole.Id -MemberId $member.Id

This example removes the specified member from the specified role.

  • -DirectoryRoleId parameter specifies the object ID of the directory role.
  • -MemberId parameter specifies the object ID of the role member to removed.

Parameters

-DirectoryRoleId

Specifies the object ID of a directory role in Microsoft Entra ID.

Type:System.String
Aliases:ObjectId
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-MemberId

Specifies the object ID of a role member.

Type:System.String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False