A report that gives me file share location, user permissions, groups and users in those group that have permission on the specific fileshare

André Borgeld 431 Reputation points
2022-11-23T07:25:03.083+00:00

Hi everyone,

Even though I'm using foreach folder in folders, I'm doing something wrong here. IT only gives me the last or first folders (one folder).
Could you give me some tips.
And it has to be a readable report, I really thinlk this is a good start.

$ou = "OU=Groups,DC=domain,DC=nl"  
  
$groups = Get-ADGroup -Filter * -SearchBase $ou  
  
$fileshare = \\company\shares\useCases  
  
   
  
$folders = Get-ChildItem $fileshare -Directory  
  
foreach($folder in $folders){  
  
    $accessRights =  Get-Acl -Path $folder.FullName  
  
    $groupsWithAccess = @()  
  
    foreach($group in $accessRights.Access){  
  
        $groupName = $group.identityReference.value.split("\")[-1]  
  
        $getGroup = $groups | Where-Object {($_.samAccountName -eq $groupName -or $_.name -eq $groupName)}  
  
        if($getGroup){  
  
            $groupsWithAccess += $getGroup  
  
        }  
  
    }  
  
    $memberObject = @()  
  
    foreach($groupWithAccess in $groupsWithAccess){  
  
        $members = Get-ADGroupMember -Identity $groupWithAccess.samAccountName | Where-Object {($_.objectClass -eq "user")}  
  
     
  
        <# Group nesting, uncheck if you want that  
  
        $nestedGroups = Get-ADGroupMember -Identity $groupWithAccess.samAccountName | Where-Object {($_.objectClass -eq "group")}  
  
        foreach($nestedGroup in $nestedGroups){  
  
            $members = Get-ADGroupMember -Identity $groupWithAccess.samAccountName | Where-Object {($_.objectClass -eq "user")}  
  
                $memberObject += New-Object psobject -Property @{  
  
                fileshare = $accessRights.Path.Split("\")[-1]  
  
                group = $groupWithAccess.name  
  
                members = $members.name -join ";"  
  
            }  
  
        }  
  
        #>  
  
   
  
        $memberObject += New-Object psobject -Property @{  
  
            fileshare = $accessRights.Path.Split("\")[-1]  
  
            group = $groupWithAccess.name  
  
            members = $members.name -join ";"  
  
        }  
  
    }  
  
}  
  
$memberObject | Export-CSV -Path "C:\Temp\test.csv" -Delimiter "," -NoTypeInformation  
  
   

Many thanks!

Kind regards,

Andre

Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,456 questions
0 comments No comments
{count} votes

Accepted answer
  1. DaveK 1,851 Reputation points
    2022-11-23T09:41:00.047+00:00

    I haven't been able to test it myself but I would guess its because you are setting $memberObject to a blank array again during the loop. I'd think moving it to above the $folders ForEach would fix the issue of it only returning one entry.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. André Borgeld 431 Reputation points
    2022-11-23T12:47:15.287+00:00

    @DaveK Thank you very much. You're absolutely right!

    0 comments No comments