import-module activedirectory$WebURL = "http://sharepointserver/"$listName =

1. import-module activedirectory
2. $WebURL = "http://sharepointserver/"
3. $listName = "test"
4.  
5. #Define a function to add a group's name to its members Nested field recursivly.
6. Function GetNestedMembers{
7. Param($Group)
8.     ForEach($Item in (Get-ADGroupMember $Group)){
9.     if($Item.ObjectClass -eq "group" -and $Global:SubGroups -inotcontains $Item.name){
10.         $Global:SubGroups += $Item.name.tostring()
11.         GetNestedMembers $Item
12.     }else{
13.         $AllMembers|?{$_.Name -match $Item.Name -and !($_.nested -match $group.name)}|%{$_.Nested = "$($_.Nested), $($Group.Name.tostring())"}
14.         }
15.     }
16. }
17.  
18. $GroupList = get-content "Z:\audit.txt"
19.  
20. ForEach($Entry in $GroupList){
21.  
22.     $SubGroups = @()
23.  
24.     #Create an empty array
25.     $AllMembers = @()
26.  
27.     #Populate it with all recursive members of the group
28.     $strGroupOwner = Get-ADGroup -identity $Entry -Properties ManagedBy | select managedby
29.     $strOwnerName = get-aduser -identity $strGroupOwner.managedby -properties samaccountname |select -ExpandProperty samaccountname
30.     $strGroupName = $Entry
31.     "Group is named: " + $strGroupName
32.     "Group is owned by: " + $strOwnerName
33.     ForEach($Person in (Get-ADGroupMember $Entry -Recursive)){
34.         $User = Get-ADUser $Person -Property description
35.      
36.         $AllMembers += New-Object PSObject -Property @{
37.             Name = $Person.Name
38.             Description = $User.Description
39.             NetworkID = $Person.SamAccountName
40.             Nested = $Null
41.             Group = $strGroupName
42.             Owner = $strOwnerName
43.            
44.         }
45.     }    
46.  
47.     $CurrentGroup = Get-ADGroupMember $Entry
48.    
49.     #Mark root members as direct group members in the Nested field
50.     $AllMembers|?{($CurrentGroup | ?{$_.ObjectClass -ne "group"}).name -contains $_.Name}|%{$_.Nested = "Direct Member"}
51.  
52.     #Iterate through all nested groups
53.     $CurrentGroup | ?{$_.ObjectClass -eq "group"} | %{GetNestedMembers $_}
54.  
55.     #If the output path doesn't exist, make it quietly.
56.     If(!(Test-Path "z:\$strOwnerName")){$null = New-Item "Z:\$strOwnerName" -ItemType directory}
57.    
58.     #apply permissions to folder
59.    
60.     function GrantUserpermission($strOwnerName)
61.     {
62.     [Microsoft.SharePoint.SPUserCollection]$spusers=[Microsoft.SharePoint.SPUserCollection]$web.SiteUsers
63.     [Microsoft.SharePoint.SPUser]$spuser=$spusers[$strOwnerName]
64.        
65.        
66.         "Strowner name: " + $strOwnerName
67.         # Get the SPWeb object and save it to a variable
68.         $web = Get-SPWeb -identity $WebURL
69.         if ($strOwnerName -ne $null)
70.        
71.         {
72.            
73.             $sproleass=new-object Microsoft.SharePoint.SPRoleAssignment([Microsoft.SharePoint.SPPrincipal]$spuser)
74.             $folder.BreakRoleInheritance("true")
75.             $sproleass.RoleDefinitionBindings.Add($web.RoleDefinitions["Contribute"])
76.             $folder.RoleAssignments.Add($sproleass);
77.             Write-Host "Permission provided for user ", $strOwnerName
78.         }
79.        
80.         else
81.        
82.         {
83.        
84.         Write-Host "User ""$userName"" was not found in this web!"
85.        
86.         }
87.  
88.    }
89.  
90.     GrantUserpermission
91.     #Output to CSV
92.     $AllMembers |%{if($_.nested){$_.nested = $_.nested.TrimStart(", ")};$_} | Select Name, Description, NetworkID, Nested, Group, Owner | Export-csv "Z:\$strOwnerName\$Entry.csv" -NoTypeInformation
93. }