$FolderPath = Get-Item -Path "c:\testing\" -Force[System.Collections.ArrayList]

1. $FolderPath = Get-Item -Path "c:\testing\" -Force
2. [System.Collections.ArrayList]$Report = @()
3. [System.Collections.ArrayList]$groupLookup = @()
4.  
5. # Enumerate all groups and their members. Prepare for it to take forever.
6. # Could use search base if you have a specific ou you're interested in or just go wild
7. foreach ($group in Get-ADGroup -Filter * -SearchBase 'OU=Groups,DC=DOMAIN,DC=COM') {
8. $groupLookup += @{
9. $group.Name = $group | Get-ADGroupMember
10. }
11. }
12.  
13. # Export for later use?
14. # $groupLookup | ConvertTo-Json C:\Testing\groupLookup.json
15.  
16. Foreach ($Folder in $FolderPath) {
17.  
18. $Acl = Get-Acl -Path $Folder.FullName
19.  
20. foreach ($Access in $Acl.Access) {
21.  
22. # split DOMAIN\USERNAME and select the last item in the array (USERNAME)
23. $groupName = (($Access.IdentityReference).ToString()).Split('\')[-1]
24.  
25. $Report += [PSCustomObject]@{
26. 'FolderName' = $Folder.FullName
27. 'AD Group or User' = $Access.IdentityReference
28. 'Permissions' = $Access.FileSystemRights
29. 'Inherited' = $Access.IsInherited
30. 'GroupMembers' = $groupLookup.$groupName
31. }
32.  
33. }
34. }
35.  
36. $Report