MutonUfoAI / pgina

pGina fork: Open Source Windows Authentication
http://mutonufoai.github.io/pgina
BSD 3-Clause "New" or "Revised" License

remove LDAP users from local groups #133

Open tlcarpenter opened 5 years ago

tlcarpenter commented 5 years ago

Is there a way to remove LDAP users previously added to local groups? I used a rule in the Gateway phase of the LDAP plugin to add members of an LDAP group to the local Administrators group. As suggested in the documentation for the LDAP plugin

http://mutonufoai.github.io/pgina/documentation/plugins/ldap.html

I enabled "Scramble password after logout" in the LocalMachine plugin. That does prevent an LDAP user that's been removed from the LDAP group in my LDAP plugin rule from being able to log in, but I'd prefer to remove the entry for the user from the list of users in the local Administrator's group.

MutonUfoAI commented 5 years ago

You can run a script for that: http://mutonufoai.github.io/pgina/documentation/plugins/scripting.html#event_notification_change_password

Let it run in event notification stage as system on logoff:

```
net localgroup administrators "%u" /delete
```
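A PowerShell variant of the logoff cleanup suggested above, added here as an example; it is not code from pGina or from either commenter. It resolves the group by its well-known SID (the group name is localized on non-English Windows), never touches the built-in Administrator account, and treats "not a member" as success. The script path, the `-UserName` parameter and the invocation line are assumptions; only the `%u` substitution comes from the thread.

```powershell
# Added example (not pGina code). Assumed invocation from the scripting plugin,
# event notification stage, logoff, run as SYSTEM (path is hypothetical):
#   powershell.exe -NoProfile -File C:\Scripts\Remove-FromAdmins.ps1 -UserName "%u"
param(
    [Parameter(Mandatory = $true)]
    [string]$UserName
)

# Well-known SID of BUILTIN\Administrators; avoids the localized group name.
$adminGroupSid = 'S-1-5-32-544'

# The value is substituted into the command line by the plugin, so accept only
# a plain local account name (assumed naming scheme; adjust to yours).
if ($UserName -notmatch '^[A-Za-z0-9._-]{1,20}$') {
    Write-Warning "Refusing unexpected user name: '$UserName'"
    exit 1
}

# Look up the local account behind the name.
try {
    $account = Get-LocalUser -Name $UserName -ErrorAction Stop
} catch {
    Write-Output "No local account named '$UserName'; nothing to remove."
    exit 0
}

# RID 500 is the built-in Administrator; removing it could lock the machine.
if ($account.SID.Value -match '-500$') {
    Write-Warning "'$UserName' is the built-in Administrator; leaving it in place."
    exit 0
}

try {
    Remove-LocalGroupMember -SID $adminGroupSid -Member $account -ErrorAction Stop
    Write-Output "Removed '$UserName' from the local Administrators group."
} catch [Microsoft.PowerShell.Commands.MemberNotFoundException] {
    # Already absent: the desired end state, so not an error.
    Write-Output "'$UserName' is not in the local Administrators group."
} catch {
    Write-Warning "Could not remove '$UserName': $($_.Exception.Message)"
    exit 1
}
```

The `*-LocalUser` and `*-LocalGroupMember` cmdlets ship with Windows PowerShell 5.1 in the Microsoft.PowerShell.LocalAccounts module.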