Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import-module activedirectory
- $WebURL = "http://sharepointserver/"
- $listName = "test"
- #Define a function to add a group's name to its members Nested field recursivly.
- Function GetNestedMembers{
- Param($Group)
- ForEach($Item in (Get-ADGroupMember $Group)){
- if($Item.ObjectClass -eq "group" -and $Global:SubGroups -inotcontains $Item.name){
- $Global:SubGroups += $Item.name.tostring()
- GetNestedMembers $Item
- }else{
- $AllMembers|?{$_.Name -match $Item.Name -and !($_.nested -match $group.name)}|%{$_.Nested = "$($_.Nested), $($Group.Name.tostring())"}
- }
- }
- }
- $GroupList = get-content "Z:\audit.txt"
- ForEach($Entry in $GroupList){
- $SubGroups = @()
- #Create an empty array
- $AllMembers = @()
- #Populate it with all recursive members of the group
- $strGroupOwner = Get-ADGroup -identity $Entry -Properties ManagedBy | select managedby
- $strOwnerName = get-aduser -identity $strGroupOwner.managedby -properties samaccountname |select -ExpandProperty samaccountname
- $strGroupName = $Entry
- "Group is named: " + $strGroupName
- "Group is owned by: " + $strOwnerName
- ForEach($Person in (Get-ADGroupMember $Entry -Recursive)){
- $User = Get-ADUser $Person -Property description
- $AllMembers += New-Object PSObject -Property @{
- Name = $Person.Name
- Description = $User.Description
- NetworkID = $Person.SamAccountName
- Nested = $Null
- Group = $strGroupName
- Owner = $strOwnerName
- }
- }
- $CurrentGroup = Get-ADGroupMember $Entry
- #Mark root members as direct group members in the Nested field
- $AllMembers|?{($CurrentGroup | ?{$_.ObjectClass -ne "group"}).name -contains $_.Name}|%{$_.Nested = "Direct Member"}
- #Iterate through all nested groups
- $CurrentGroup | ?{$_.ObjectClass -eq "group"} | %{GetNestedMembers $_}
- #If the output path doesn't exist, make it quietly.
- If(!(Test-Path "z:\$strOwnerName")){$null = New-Item "Z:\$strOwnerName" -ItemType directory}
- #apply permissions to folder
- function GrantUserpermission($strOwnerName)
- {
- [Microsoft.SharePoint.SPUserCollection]$spusers=[Microsoft.SharePoint.SPUserCollection]$web.SiteUsers
- [Microsoft.SharePoint.SPUser]$spuser=$spusers[$strOwnerName]
- "Strowner name: " + $strOwnerName
- # Get the SPWeb object and save it to a variable
- $web = Get-SPWeb -identity $WebURL
- if ($strOwnerName -ne $null)
- {
- $sproleass=new-object Microsoft.SharePoint.SPRoleAssignment([Microsoft.SharePoint.SPPrincipal]$spuser)
- $folder.BreakRoleInheritance("true")
- $sproleass.RoleDefinitionBindings.Add($web.RoleDefinitions["Contribute"])
- $folder.RoleAssignments.Add($sproleass);
- Write-Host "Permission provided for user ", $strOwnerName
- }
- else
- {
- Write-Host "User ""$userName"" was not found in this web!"
- }
- }
- GrantUserpermission
- #Output to CSV
- $AllMembers |%{if($_.nested){$_.nested = $_.nested.TrimStart(", ")};$_} | Select Name, Description, NetworkID, Nested, Group, Owner | Export-csv "Z:\$strOwnerName\$Entry.csv" -NoTypeInformation
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement