Search This Blog

Thursday, March 29, 2018

Find AD-DomainGroup for List/Document in SharePoint with PowerShell


step : Save below script .Ps1 and run with powershell
step 2:Save .bat file under script and run with administrator 

if ((Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue) -eq $null)
{
    Add-PSSnapin "Microsoft.SharePoint.PowerShell"
}
#Change to your web application
$WebAppURL = "http://win-2016"

#Get Web Application
$WebApp = Get-SPWebApplication $WebAppURL

#variable for data collection
$ADGroupCollection= @()
$ReportPath ="C:\ADGroups.csv"

foreach ($Site in $WebApp.Sites)
{
    Write-host -foregroundcolor green "Processing Site Collection: "$site.RootWeb.URL
      foreach($web in $Site.AllWebs)
        {
 
     foreach($List in $Web.lists)
              {
                #Get all AD Security Groups from the site collection
    $ADGroups = Get-SPUser -Web $List.ParentWeb.Url | Where { $_.IsDomainGroup -and $_.displayName -ne "Everyone" }

     $url = $List.ParentWeb.Url+"/"+$List.Title
    #Iterate through each AD Group
    foreach($Group in $ADGroups)
                    {
            Write-host "Found AD Group:" $Group.DisplayName

            #Get Direct Permissions
            $Permissions = $Group.Roles | Where { $_.Name -ne "Limited Access" } | Select -ExpandProperty Name

            #Get SharePoint User Groups where the AD group is member of.
            $SiteGroups = $Group.Groups | Select -ExpandProperty Name

            #Send Data to an object array
            $ADGroup = new-object psobject
            $ADGroup | add-member noteproperty -name "Site Collection" -value $Site.RootWeb.Url
            $ADGroup | add-member noteproperty -name "URL" -value $url
            $ADGroup | add-member noteproperty -name "Group Name" -value $Group.DisplayName
            $ADGroup | add-member noteproperty -name "Direct Permissions" -value ($Permissions -join ",")
            $ADGroup | add-member noteproperty -name "SharePoint Groups" -value ($SiteGroups -join ",")
            #Add to Array
            $ADGroupCollection+=$ADGroup         
                     }
                }
        }
}
    #Export Data to CSV
    $ADGroupCollection | export-csv $ReportPath -notypeinformation
    Write-host "SharePoint Security Groups data exported to a CSV file at:"$ReportPath -ForegroundColor Cyan

-----------------------------AdGroup.bat-----------------------------------
cd /d %~dp0
powershell -noexit -file "AdGroupReport.PS1" "%CD%"
pause


Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)