I've got 48 System Accounts, 48 Domain Local groups and 48 Global groups.
Every Domain Local group has Full Access rights on only one specific OU to create, modify and delete Users in that OU.
I want to create a powershell script that checks if al groups still exist, that they still have the right permissions on the right OU, and if the right users are still member of the right group. Every time I run this script I want to have a response (in a file or mail) with the results if anything has changed in the ACL or not.
How can I best do this?