Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $FolderPath = Get-Item -Path "c:\testing\" -Force
- [System.Collections.ArrayList]$Report = @()
- [System.Collections.ArrayList]$groupLookup = @()
- # Enumerate all groups and their members. Prepare for it to take forever.
- # Could use search base if you have a specific ou you're interested in or just go wild
- foreach ($group in Get-ADGroup -Filter * -SearchBase 'OU=Groups,DC=DOMAIN,DC=COM') {
- $groupLookup += @{
- $group.Name = $group | Get-ADGroupMember
- }
- }
- # Export for later use?
- # $groupLookup | ConvertTo-Json C:\Testing\groupLookup.json
- Foreach ($Folder in $FolderPath) {
- $Acl = Get-Acl -Path $Folder.FullName
- foreach ($Access in $Acl.Access) {
- # split DOMAIN\USERNAME and select the last item in the array (USERNAME)
- $groupName = (($Access.IdentityReference).ToString()).Split('\')[-1]
- $Report += [PSCustomObject]@{
- 'FolderName' = $Folder.FullName
- 'AD Group or User' = $Access.IdentityReference
- 'Permissions' = $Access.FileSystemRights
- 'Inherited' = $Access.IsInherited
- 'GroupMembers' = $groupLookup.$groupName
- }
- }
- }
- $Report
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement