forked from dakhama-mehdi/Modern_ActiveDirectory
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathget_grouops.ps1
131 lines (90 loc) · 2.84 KB
/
get_grouops.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
#region groups
<###########################
Groups
############################>
Write-Host "Working on Groups Report..." -ForegroundColor Green
#Get groups and sort in alphabetical order
#list only group with members, this can be interresed on big domain with a lot of groups, you can remove the where if you are in small company
#I'm excluded the Exchange groups -ResultSetSize $maxsearchergroups
$SecurityCount = 0
$CustomGroup = 0
$DefaultGroup = 0
$Groupswithmemebrship = 0
$Groupswithnomembership = 0
$GroupsProtected = 0
$GroupsNotProtected = 0
$totalgroups = 0
$DistroCount = 0
Get-ADGroup -Filter "name -notlike '*Exchange*'" -ResultSetSize $maxsearchergroups -Properties Member,ManagedBy,info,created,ProtectedFromAccidentalDeletion | ForEach-Object {
$totalgroups++
$OwnerDN = $null
if (!$_.member) {
$Groupswithnomembership++
if ($($_.ManagedBy)) {
$OwnerDN = ($_.ManagedBy -split (",") | Where-Object {$_ -like "CN=*"}) -replace ("CN=","")
}
$obj = [PSCustomObject]@{
'Name' = $_.name
'Type' = $_.GroupCategory
'Managed By' = $OwnerDN
'Created' = ($_.created.ToString("yyyy/MM/dd"))
'Default AD Group' = $DefaultADGroup
'Protected from Deletion' = $_.ProtectedFromAccidentalDeletion
}
$Groupsnomembers.Add($obj)
}
else {
$Groupswithmemebrship++
$DefaultADGroup = 'False'
$Type = New-Object 'System.Collections.Generic.List[System.Object]'
if ($_.GroupCategory -eq "Security")
{
$SecurityCount++
$Type = "Security Group"
} elseif ($_.GroupCategory -eq "Distribution") {
$DistroCount++
$Type = "Distribution Group"
}
if ($_.ProtectedFromAccidentalDeletion -eq $True)
{
$GroupsProtected++
}
else
{
$GroupsNotProtected++
}
if ($DefaultSGs -notcontains $_.Name)
{
$CustomGroup++
$users = ($_.member -split (",") | Where-Object {$_ -like "CN=*"}) -replace ("CN="," ") -join ","
}
else
{
$DefaultADGroup = "True"
$DefaultGroup++
$Users = "Skipped Domain Users Membership"
}
$OwnerDN = ($_.ManagedBy -split (",") | Where-Object {$_ -like "CN=*"}) -replace ("CN=","")
$obj = [PSCustomObject]@{
'Name' = $_.name
'Type' = $Type
'Members' = $users
'Managed By' = $OwnerDN
'Created' = ($_.created.ToString("yyyy/MM/dd"))
'Remark' = $_.info
'Protected from Deletion' = $_.ProtectedFromAccidentalDeletion
'Default AD Group' = $DefaultADGroup
}
$table.Add($obj)
}
}
#TOP groups table
$obj1 = [PSCustomObject]@{
'Total Groups' = $totalgroups
'Groups with members' = $Groupswithmemebrship
'Security Groups' = $SecurityCount
'Distribution Groups' = $DistroCount
}
$TOPGroupsTable.Add($obj1)
Write-Host "Done!" -ForegroundColor White
#endregion groups