-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathMSADGroupsPerUser.ps1
70 lines (54 loc) · 1.7 KB
/
MSADGroupsPerUser.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
function Get-GroupsForObject {
[cmdletbinding()]
param(
[string]$Object = "",
[int]$Level = 0
)
$d = Get-ADObject -Identity $Object -Properties SamAccountName
if ($d.ObjectClass -eq "user" -and $Level -eq 0) {
$e = Get-ADUser -Identity $d.DistinguishedName -Properties MemberOf
}
elseif ($d.ObjectClass -eq "group") {
$e = Get-ADGroup -Identity $d.DistinguishedName -Properties MemberOf
}
$e.MemberOf | Sort-Object | %{
# prevent a loop if the group is a member of itself
if ( $_ -ne $e.DistinguishedName ) {
Get-GroupsForObject -Object $_ -Level($Level + 1)
}
}
$e | select name | Sort-Object -Property name
}
function RemoveDups {
[cmdletbinding()]
param (
[parameter(Mandatory=$true)]
[System.Collections.ArrayList]$ArrayList
)
$last = ""
$this = ""
[System.Collections.ArrayList]$out = @()
foreach ($a in $ArrayList) {
if ($a -ne $last) {
$null = $out.add($a)
}
$last = $a
}
$out
}
$userName = Read-Host "user name"
$un = $userName -replace " ", ""
$fn = (New-Object -ComObject Shell.Application).NameSpace('shell:Downloads').Self.Path + "\" + $un + "Groups.csv"
$Object = (Get-ADuser $userName).DistinguishedName
$g = Get-GroupsForObject -Object (Get-ADuser $userName).DistinguishedName | Sort-Object -Property name
[System.Collections.ArrayList]$gp = @()
foreach ($m in $g) {
[void]$gp.Add($m.name)
}
$groups = RemoveDups -ArrayList $gp
#$groups | Export-Csv -Path $fn -NoTypeInformation
Set-Content $fn -Value $null
foreach ($e in $groups) {
"`"$e`"" | Add-Content $fn
}
Start-Process -FilePath $fn