Phone Live Chat
US: +1 888 720 9500
US: +1 800 443 6694
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9393

Remove users

Remove users from group API

This API helps in removing user accounts from Active Directory groups from your application.

Request URL (JSON) Format: http:// <hostname> : <port> /RestAPI/RemoveUsersFromGroup

Request Parameters:

Parameters Mandatory Description
AuthToken Yes Authentication token obtained using the Generate AuthToken API.
domainName Yes Domain in which the user object's group membership has to be modified
inputFormat Yes Details of the attributes of user accounts to be modified. This attribute should be a JSONArray string and should be in the format mentioned below.
[>,<JSONObject>,<JSONObject>]; JSONObject - key/value pair of LDAP attributes and their corresponding values
Sample code in java: 
JSONArray userDetails = new JSONArray(); JSONObject json = new JSONObject(); json.put("sAMAccountName", "John"); userDetails.put(json);  
json = new JSONObject(); json.put("sAMAccountName", "Damien");userDetails.put(json);
Note: If the "templateName" attribute is not included in the key/value pair, the default user modification template assigned for the technician will be used.
PRODUCT_NAME Yes Product name/module name from which the request is being sent; will be needed for auditing.
isRemoveFromAllGroup Yes Remove all the existing memberships of the specific user. The value of this parameter can be set to True or False based on the requirements.
removeGroup No List of all sAMAccountName of the groups.


The response will be a JSON array string which contains the list of JSONObjects. Each JSONObject in the list represents a user sent in the inputFormat attribute in the request. Each object will contain the following properties about the status.

Parameters Description
status Status of the user modification operation: '1' on successful modification. '0' if there is an error.
statusMessage Contains the message about the issues or errors that occur while performing the specified action.
sAMAccountName sAMAccountName of the user account removed.
userPrincipalName userPrincipalName of the user account removed.

Sample request: 

http://admanager:8080/RestAPI/RemoveUsersFromGroup?PRODUCT_NAME=MODULE&AuthToken=75adb327-91a0-4384-98b6-6c42332f8263&domainName=admp.local&inputFormat=[{"sAMAccountName":"john"}]&isRemoveFromAllGroup=false&removeGroup=[Account Operators, Administrators]


Sample Response:

[{"sAMAccountName":"john","objectSID":"S-1-5-21-2664452653-2810534411-3271467435-4097","userPrincipalName":"john@admp.local","statusMessage":"Successfully modified.","status":"1"}]

Technician-based remove users from group limit

The total number of times that technicians can remove users from a group, in a day using the RemoveUsersFromGroup API depends on the total number of licensed help desk technicians (HDTs).

The maximum number of API calls that an HDT can make is 50/day, irrespective of the tasks that the HDT performs. If you have two HDT licenses, the total number of API calls that you can make is 100/day, that is 2*50.

As the per day API call limit is not task-specific, you can perform any operation but the total number of API calls should not exceed 100. That is, an HDTcan perform a variety of operations like user creation, OU creation, password reset, etc., but the number of API calls for all the tasks put together should not exceed 100.

ADManager Plus Trusted By

The one-stop solution to Active Directory Management and Reporting
Email Download Link