Remove-EntraScopedRoleMembership
Removes a scoped role membership.
Syntax
Remove-EntraScopedRoleMembership
-ObjectId <String>
-ScopedRoleMembershipId <String>
[<CommonParameters>] Description
The Remove-EntraScopedRoleMembership cmdlet removes a scoped role membership from Microsoft Entra ID. Specify ObjectId and ScopedRoleMembershipId parameter to remove a scoped role membership.
Examples
Example 1: Remove a scoped role membership
Connect-Entra -Scopes 'RoleManagement.Read.Directory'
$AdministrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq '<administrativeunit-display-name>'"
$params = @{
ObjectId = $AdministrativeUnit.ObjectId
ScopedRoleMembershipId = 'dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc'
}
Remove-EntraScopedRoleMembership @paramsThis cmdlet removes a specific scoped role membership from Microsoft Entra ID. You can use the command Get-EntraAdministrativeUnit to get administrative unit Id.
-ObjectIdparameter specifies the ID of an administrative unit.-ScopedRoleMembershipIdparameter specifies the ID of the scoped role membership to remove. To obtain the details of a scoped role membership, you can use theGet-EntraScopedRoleMembershipcommand.
Parameters
-ObjectId
Specifies the ID of an administrative unit object.
| Type: | System.String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ScopedRoleMembershipId
Specifies the ID of the scoped role membership to remove.
| Type: | System.String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |