Post date: Nov 23, 2010 8:46:12 AM
Because of security questions i was asked to create a list of all external users with their group-membership.
I wrote this Powershell script, it retrieves all groups a member belongs to.
cls
# Script to retrieve all groups users in an OU belongs to, including the nested groups.
# All users in sub-OU's will also be presented.
# Define the searchroot here, this is just an example
$OU = 'domain.loc/users/external'
# No change nescessary under this line, results will be presented in Excel
$strPath="c:\temp\test002.xls"
$a = new-object -comobject excel.application
$a.Visible = $true
if (Test-Path $strPath)
{
# Open the document
$b = $a.WorkBooks.Open($strPath)
$c = $b.Worksheets.Item(1)
} else {
# Create It
$b = $a.Workbooks.Add()
$c = $b.Worksheets.Item(1)
$c.Cells.Item(1,1) = "User"
$c.cells.item(1,2) = "Group"
$d = $c.UsedRange
$d.Interior.ColorIndex = 19
$d.Font.ColorIndex = 11
$d.Font.Bold = $True
}
$introw = $c.UsedRange.Rows.Count + 1
$users = get-QADUser -SearchRoot $OU
foreach ($user in $users){
$use = Get-QADUser -Identity $user
$free = $use.name
$member = Get-QADMemberOf -Identity $user
foreach ($memb in $member){
$intcol = 2
$mem = $memb.name
$c.cells.item($introw, 1) = $free
$c.cells.item($introw, 2) = $mem
$introw++
$membof = Get-QADMemberOf -Identity $memb
foreach ($groep in $membof){
$groepen = $groep.name
if ($groepen -gt ''){
$c.cells.item($introw, 1) = $free
$c.cells.item($introw, 2) = $groepen
$introw++}}
}
}