Problem - Trying to create a script that searches multiple shares, and pulls access levels for users and group AND expands the first level group. Exporting to a file. For quarterly audits and the like
Using Get-NTFSACCESS, which gets the info I’m looking for. But also trying to output the membership of the group itself.
The first part works great, and I get a stored variable with the groups to look up, but then when i try to transfer that into the get-adgroup or get-adgroupmember command its unrecongized. The name and samaccountname are the same for the groups I’m testing with. It behaves the same if i define a variable directly as below or if i pipe it to a file then recall the file.
What am I missing to make that simple statement work? If i manually type get-adgroup “server administrators” it works as expected, but if i run it in a foreach loop from a variable or from a file it fails.
you use $groupnames for the list of groups; $group as the foreach variable but $groupname in get-adgroup
Also if you look at the help file for Get-ADGroup you’ll see a limited number of choices for identifying the group (the -Identity parameter which you are trying to access positionally)
Sorry that was a typo obviously. That bit of code works fine. Though it doesnt output exactly as I would like, as It combines the data instead of separating it based on group name, but that i can deal with later. That same “logic” doesn’t when I combine with my Get-ntfsaccess code.
Thank you, I actually had tried $group.groups before but I did not include $( ) only $group.groups
Just tried that and it parsed through and I got the results I was expecting. Now I just have to separate them so everything outputs appropriately, but at least I have the data I was looking for now.