How can I export each OU to separate .CSV/xls files? I would like each file to be named the following example. OU=Service Accounts,OU=Corp Objects,DC=corp,DC=domain,DC=com. This means Each file will be will take the name of its’ own distinctive OU. How can I go about accomplishing this? This is the PowerShell Script that I am using:
Script-;
Import-Module ActiveDirectory
This array will hold the report output.
$report = @()
Hide the errors for a couple duplicate hash table keys.
$schemaIDGUID = @{}
$ErrorActionPreference = ‘SilentlyContinue’
Get-ADObject -SearchBase (Get-ADRootDSE).schemaNamingContext -LDAPFilter ‘(schemaIDGUID=*)’ -Properties name, schemaIDGUID |
ForEach-Object {$schemaIDGUID.add([System.GUID]$.schemaIDGUID,$.name)}
Get-ADObject -SearchBase “CN=Extended-Rights,$((Get-ADRootDSE).configurationNamingContext)” -LDAPFilter ‘(objectClass=controlAccessRight)’ -Properties name, rightsGUID |
ForEach-Object {$schemaIDGUID.add([System.GUID]$.rightsGUID,$.name)}
$ErrorActionPreference = ‘Continue’
Get a list of all OUs. Add in the root containers for good measure (users, computers, etc.).
$OUs = Get-ADOrganizationalUnit -Filter * | Select-Object -ExpandProperty DistinguishedName
$OUs += Get-ADObject -SearchBase (Get-ADDomain).DistinguishedName -SearchScope OneLevel -LDAPFilter ‘(objectClass=container)’ | Select-Object -ExpandProperty DistinguishedName
Loop through each of the OUs and retrieve their permissions.
Add report columns to contain the OU path and string names of the ObjectTypes.
ForEach ($OU in $OUs) {
$report += Get-Acl -Path “AD:$OU” |
Select-Object -ExpandProperty Access |
Select-Object @{name=‘organizationalUnit’;expression={$OU}}, @{name='objectTypeName';expression={if ($_.objectType.ToString() -eq '00000000-0000-0000-0000-000000000000') {'All'} Else {$schemaIDGUID.Item($_.objectType)}}},
@{name=‘inheritedObjectTypeName’;expression={$schemaIDGUID.Item($_.inheritedObjectType)}}, `
*
}
Dump the raw report out to a CSV file for analysis in Excel.
$report | Export-Csv “.\OU_Permissions.csv” -NoTypeInformation
Start-Process “.\OU_Permissions.csv”