import-module activedirectory$WebURL = "http://phoeninnp1/"$listName = "test

1. import-module activedirectory
2. $WebURL = "http://phoeninnp1/"
3. $listName = "test"
4.  
5. #Define a function to add a group's name to its members Nested field recursivly.
6. Function GetNestedMembers{
7. Param($Group)
8.     ForEach($Item in (Get-ADGroupMember $Group)){
9.     if($Item.ObjectClass -eq "group" -and $Global:SubGroups -inotcontains $Item.name){
10.         $Global:SubGroups += $Item.name.tostring()
11.         GetNestedMembers $Item
12.     }else{
13.         $AllMembers|?{$_.Name -match $Item.Name -and !($_.nested -match $group.name)}|%{$_.Nested = "$($_.Nested), $($Group.Name.tostring())"}
14.         }
15.     }
16. }
17.  
18. $GroupList = get-content "Z:\audit.txt"
19.  
20. ForEach($Entry in $GroupList){
21.  
22.     $SubGroups = @()
23.  
24.     #Create an empty array
25.     $AllMembers = @()
26.  
27.     #Populate it with all recursive members of the group
28.     $strGroupOwner = Get-ADGroup -identity $Entry -Properties ManagedBy | select managedby
29.     $strOwnerName = get-aduser -identity $strGroupOwner.managedby -properties samaccountname |select -ExpandProperty samaccountname
30.     $strGroupName = $Entry
31.     "Group is named: " + $strGroupName
32.     "Group is owned by: " + $strOwnerName
33.     ForEach($Person in (Get-ADGroupMember $Entry -Recursive)){
34.         $User = Get-ADUser $Person -Property description
35.      
36.         $AllMembers += New-Object PSObject -Property @{
37.             Name = $Person.Name
38.             Description = $User.Description
39.             NetworkID = $Person.SamAccountName
40.             Nested = $Null
41.             Group = $strGroupName
42.             Owner = $strOwnerName
43.            
44.         }
45.     }    
46.  
47.     $CurrentGroup = Get-ADGroupMember $Entry
48.    
49.     #Mark root members as direct group members in the Nested field
50.     $AllMembers|?{($CurrentGroup | ?{$_.ObjectClass -ne "group"}).name -contains $_.Name}|%{$_.Nested = "Direct Member"}
51.  
52.     #Iterate through all nested groups
53.     $CurrentGroup | ?{$_.ObjectClass -eq "group"} | %{GetNestedMembers $_}
54.  
55.     #If the output path doesn't exist, make it quietly.
56.     If(!(Test-Path "z:\$strOwnerName")){$null = New-Item "Z:\$strOwnerName" -ItemType directory}
57.    
58.     #apply permissions to folder
59.     "Strowner name: " + $strOwnerName
60.     function GrantUserpermission($strOwnerName)
61.     {
62.    
63.     $web = Get-SPWeb -identity $WebURL
64.     [Microsoft.SharePoint.SPUser]$spuser=$web.EnsureUser($strOwnerName)
65.     "Strowner name in Function: " + $strOwnerName  
66.        
67.        
68.         # Get the SPWeb object and save it to a variable
69.        
70.         if ($strOwnerName -ne $null)
71.        
72.         {
73.            
74.             $sproleass=new-object Microsoft.SharePoint.SPRoleAssignment([Microsoft.SharePoint.SPPrincipal]$spuser)
75.             $folder.BreakRoleInheritance("true")
76.             $sproleass.RoleDefinitionBindings.Add($web.RoleDefinitions["Contribute"])
77.             $folder.RoleAssignments.Add($sproleass);
78.             Write-Host "Permission provided for user ", $strOwnerName
79.         }
80.        
81.         else
82.        
83.         {
84.        
85.         Write-Host "User ""$userName"" was not found in this web!"
86.        
87.         }
88.  
89.    }
90.  
91.     GrantUserpermission
92.     #Output to CSV
93.     $AllMembers |%{if($_.nested){$_.nested = $_.nested.TrimStart(", ")};$_} | Select Name, Description, NetworkID, Nested, Group, Owner | Export-csv "Z:\$strOwnerName\$Entry.csv" -NoTypeInformation
94. }