I need to run a report to for all SharePoint site collections to tell me if there are any security groups has been used to grant permission and if yes give me the name of all security groups and what site they were using.
Thanks
Tee
I need to run a report to for all SharePoint site collections to tell me if there are any security groups has been used to grant permission and if yes give me the name of all security groups and what site they were using.
Thanks
Tee
I'm checking how the things are going on about this issue. Whether the answer helps you?
You can accept the answer if it helps.
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Please run below PowerShell as administrator.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
#Change to your web application
$WebAppURL = "web application URL"
#Get Web Application
$WebApp = Get-SPWebApplication $WebAppURL
#variable for data collection
$ADGroupCollection= @()
$ReportPath ="C:\ADGroups.csv"
foreach ($Site in $WebApp.Sites)
{
Write-host -foregroundcolor green "Processing Site Collection: "$site.RootWeb.URL
#Get all AD Security Groups from the site collection
$ADGroups = Get-SPUser -Web $Site.Url -Limit ALL | Where { $_.IsDomainGroup -and $_.displayName -ne "NT AUTHORITY\authenticated users" -and $_.displayName -ne "Everyone" -and $_.displayName -ne "All Users (windows)"}
#Iterate through each AD Group
foreach($Group in $ADGroups)
{
Write-host "Found AD Group:" $Group.DisplayName
#Get Direct Permissions
$Permissions = $Group.Roles | Where { $_.Name -ne "Limited Access" } | Select -ExpandProperty Name
#Get SharePoint User Groups where the AD group is a member
$SiteGroups = $Group.Groups | Select -ExpandProperty Name
#Send Data to an object array
$ADGroup = new-object psobject
$ADGroup | add-member noteproperty -name "Site Collection" -value $Site.RootWeb.Title
$ADGroup | add-member noteproperty -name "URL" -value $Site.Url
$ADGroup | add-member noteproperty -name "Group Name" -value $Group.DisplayName
$ADGroup | add-member noteproperty -name "Direct Permissions" -value ($Permissions -join ",")
$ADGroup | add-member noteproperty -name "SharePoint Groups" -value ($SiteGroups -join ",")
#Add to Array
$ADGroupCollection+=$ADGroup
}
}
#Export Data to CSV
$ADGroupCollection | export-csv $ReportPath -notypeinformation
Write-host "SharePoint Security Groups data exported to a CSV file at:"$ReportPath -ForegroundColor Cyan
Result:
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
5 people are following this question.