Problem with nested group displaying the users

Question

This script (give me users and groups on a fileshare ACL) works now as expected only the 'Group Member' column shows the users in the first group and the nested group, like this:

Group Member

Jo Allen, Iris Bloom, DG_NESTED

Is there any way I can get the members of the Nested group in the same column (group member) too?

$FolderPath = dir -Directory -Path "\\DFS\share" -Force #-recurse mogelijk
 $Report = @()
 ForEach ($Folder in $FolderPath) {
     $Acl = Get-Acl -Path $Folder.FullName
     foreach ($Access in $acl.Access)
     {
         try{
             $GroupMember = Get-ADGroupMember ($Access.IdentityReference.Value -Replace $((Get-ADDomain).NetBIOSName)+'\\')
             $Properties = [ordered]@{'FolderName'=$Folder.FullName;'AD Group or User'=$Access.IdentityReference;'Permissions'=$Access.FileSystemRights;'Inherited'=$Access.IsInherited;'Group Member'=$GroupMember.name -join ','}
        }
        catch{
             $Properties = [ordered]@{'FolderName'=$Folder.FullName;'AD Group or User'=$Access.IdentityReference;'Permissions'=$Access.FileSystemRights;'Inherited'=$Access.IsInherited;'Group Member'=''}
        }
        $Report += New-Object -TypeName PSObject -Property $Properties
     }
 }
 $Report | Export-Csv -Delimiter ';' -path "C:\Temp\ExportshareACL.csv"

Answer 1

If I understand your requirement, it's to place all the members of all the groups in the property "AD Group or User" of the $Properties hashtable.

Have you tried adding the "-Recursive" switch to the Get-ADGroupMember cmdlet?

Answer 2

Hey @Rich Matheisen

I was a few days away. But when I saw your answers I already new that was the solution.

Today I've added it and it gives me the information that I want.

Indeed I was trying to get the group, users and nested group in that column. How easy life can be , it works.

Kind regards,

Andre