How to remove users from a site that have a specific permission level (PowerShell)

Introduction

This PowerShell script shows how to remove users from a site that have a specified permission level. 

Scenarios

You cannot remove users from a site by using the UI and it is difficult to find all users that have a specific permission level.

Script 

This script contains the advanced function Remove-OSCSPSiteUser. You can use this script in the following ways: 

Method 1:

1. Download the script and open the script file by using Notepad or any other script editor.
2. Scroll down to the end of the script file, and then add the example command that you want to run.
3. Save the file and then run the script in PowerShell.  

Method 2:

1.  Rename scriptname.ps1 to scriptname.psm1 (PowerShell Module file).
2.  Run the Import-Module cmdlet to import this module file. The command is displayed as follows:
        Import-Module filepath\scriptname.psm1

Here are some code snippets for your references. To get the complete script sample, please click the download button at the beginning of this page.

If($UserPermission -match $Permission)
{
    #Delete the user 
    $Flag = $true
    $UserName = $SiteUser.Name
    $web.SiteUsers.Remove($SiteUser)
    write-Host "Removing Permission from User '$UserName' successfully" -ForegroundColor Green
}

If($UserPermission-match $Permission) 
{ 
    #Delete the user $Flag = $true$UserName = $SiteUser.Name 
    $web.SiteUsers.Remove($SiteUser) 
    write-Host "Removing Permission from User '$UserName' successfully"-ForegroundColor Green 
}

Examples 

Example 1: Get help about Remove-OSCSPSiteUser.       
Command: Get-Help Remove-OSCSPSiteUser -Full
Screenshot: 

Example 2: Remove users from "http://win-lfseeatt8jr/sites/mysite" that have a "Design" permission level.
Command: Remove-OSCSPSiteUser -SiteURL "http://win-lfseeatt8jr/sites/mysite" -Permission "Design"
Screenshot: 

Note If a user was granted several level permissions, you should select the highest permission level to when you delete the user. Therefore, all permissions for the user will be deleted. 

Prerequisite

Windows PowerShell 2.0 
Windows Server 2008R2 

Additional Resources

Technical Resource:
Get-SPSite
http://technet.microsoft.com/en-us/library/ff607950.aspx