question

NguyenTee-6512 avatar image
0 Votes"
NguyenTee-6512 asked EmilyDu-MSFT edited

Run SharePoint 2013 Security Group Reports for All Site Collections Using PowerShell

I need to run a report to for all SharePoint site collections to tell me if there are any security groups has been used to grant permission and if yes give me the name of all security groups and what site they were using.

Thanks
Tee

office-sharepoint-server-administration
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@NguyenTee-6512

I'm checking how the things are going on about this issue. Whether the answer helps you?

You can accept the answer if it helps.


If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


0 Votes 0 ·

1 Answer

EmilyDu-MSFT avatar image
0 Votes"
EmilyDu-MSFT answered

Please run below PowerShell as administrator.

 Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
     
 #Change to your web application
 $WebAppURL = "web application URL"
     
 #Get Web Application
 $WebApp = Get-SPWebApplication $WebAppURL
     
 #variable for data collection
 $ADGroupCollection= @()
 $ReportPath ="C:\ADGroups.csv"
     
 foreach ($Site in $WebApp.Sites)
 {
     Write-host -foregroundcolor green "Processing Site Collection: "$site.RootWeb.URL
         
     #Get all AD Security Groups from the site collection
     $ADGroups = Get-SPUser -Web $Site.Url -Limit ALL | Where { $_.IsDomainGroup -and $_.displayName -ne "NT AUTHORITY\authenticated users" -and $_.displayName -ne "Everyone" -and $_.displayName -ne "All Users (windows)"}
     
     #Iterate through each AD Group
     foreach($Group in $ADGroups)
     {
             Write-host "Found AD Group:" $Group.DisplayName
     
             #Get Direct Permissions
             $Permissions = $Group.Roles | Where { $_.Name -ne "Limited Access" } | Select -ExpandProperty Name
     
             #Get SharePoint User Groups where the AD group is a member
             $SiteGroups = $Group.Groups | Select -ExpandProperty Name
     
             #Send Data to an object array
             $ADGroup = new-object psobject
             $ADGroup | add-member noteproperty -name "Site Collection" -value $Site.RootWeb.Title
             $ADGroup | add-member noteproperty -name "URL" -value $Site.Url
             $ADGroup | add-member noteproperty -name "Group Name" -value $Group.DisplayName
             $ADGroup | add-member noteproperty -name "Direct Permissions" -value ($Permissions -join ",")
             $ADGroup | add-member noteproperty -name "SharePoint Groups" -value ($SiteGroups -join ",")
             #Add to Array
             $ADGroupCollection+=$ADGroup          
     } 
 }
     #Export Data to CSV
     $ADGroupCollection | export-csv $ReportPath -notypeinformation
     Write-host "SharePoint Security Groups data exported to a CSV file at:"$ReportPath -ForegroundColor Cyan

Result:
82240-1.png



If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.



1.png (4.9 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.