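# Purpose: build a small LDIF file that sets RODCPurgeAccount for one user and
# import it with ldifde on the domain's PDC emulator.
#
# NOTE(review): this runs with the caller's credentials on a domain controller
# and modifies the directory. Review the LDIF below before running it.
# NOTE(review): the author's choice of target object, operation and value for
# RODCPurgeAccount is kept as written; verify it against the Active Directory
# documentation for this attribute before relying on it.

# Resolve the PDC emulator: read fSMORoleOwner from the default domain object,
# take the parent of the object it names, and read that parent's DNS host name.
$NTDSPDCEmulator = ([ADSI]'').fsmoroleowner[0]
$PDCEmulator = ([ADSI]"LDAP://$NTDSPDCEmulator").Parent
$PDC = ([ADSI]$PDCEmulator).DnsHostName

# Distinguished name of the user (placeholder: replace with the real DN).
$userDN = "CN=xxxx,DC=yyy,DC=zzz"

# The DN is written verbatim into an LDIF file, so a line break in it would
# add extra LDIF lines. Reject that before anything is sent to the DC.
if ($userDN -match '[\r\n]') {
    throw "userDN must not contain line breaks."
}

Invoke-Command -ComputerName $PDC -ArgumentList $userDN -ScriptBlock {
    # Variables from the calling session are not visible inside a remote
    # script block, so the DN is passed in explicitly as a parameter.
    param($userDN)

    $temp = [io.path]::GetTempFileName()
    try {
        # The here-string body and its closing "@ must start in column 0.
        # A modify record ends each change with a line holding a single '-'.
        Set-Content -Path $temp -Value @"
dn: $userDN
changetype: modify
replace: RODCPurgeAccount
RODCPurgeAccount: Null
-

"@
        ldifde -i -f $temp

        # ldifde is a native executable: failure shows up in the exit code,
        # not as a PowerShell error, so check it explicitly.
        if ($LASTEXITCODE -ne 0) {
            throw "ldifde import failed with exit code $LASTEXITCODE."
        }
    }
    finally {
        # Always remove the temporary LDIF file, even when the import fails.
        Remove-Item -Force $temp
    }
}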
