PowerShell List all Users and Group Membership

Scenario:

PowerShell List all Users and Group Membership

In an environment with a lot of user and groups, it is very difficult to keep track of the groups that each user is a member.Have you ever thought to check the group and their member and clarify that only the intended user are members for each group? My case when I have created the below script, was to find out that users in a specific location are under the correct groups only. So I needed a list to check the groups.

The below script connects to Active directory and get a list of all users for a specific location (ex. Cyprus Office). Then the script check the membership of each user and gather all the information in a report and sends it by email. If there be an error or exception during the run then the script will provide me with the error or list of errors if they exist.

You can download the script here or copy it from below.

Related Links:

Solution / Script:

import-module ActiveDirectory cd ad: $File = "C:\Scripts\Password.txt" $Key = (1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32) $EmailUser = "[email protected]" $Password = Get-Content $File | ConvertTo-SecureString -Key $Key $EmailCredentials = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $EmailUser,$Password $To = '[email protected]' $From = '[email protected]' $CyprusUsers = Get-ADUser -Filter * -SearchBase "OU=Employees,OU=Cyprus,DC=domain,DC=com" $EmailResult = "" $ErrorEmailTemp = "" Foreach ($CyprusUser in $CyprusUsers) { $CyprusGroups = Get-adprincipalgroupmembership $CyprusUser.SamAccountName | select Name $CyprusUserName = $CyprusUser.Name $CyprusGroupsName = $CyprusGroups.Name $CyprusPrincipalName = $CyprusUser.UserPrincipalName $EmailTemp = @" <tr> <td class="colorm">$CyprusUserName</td> <td>$CyprusGroupsName</td> </tr> "@ $EmailResult = $EmailResult + "`r`n" + $EmailTemp } $EmailUp = @" <style> body { font-family:Segoe, "Segoe UI", "DejaVu Sans", "Trebuchet MS", Verdana, sans-serif !important; color:#434242;} TABLE { font-family:Segoe, "Segoe UI", "DejaVu Sans", "Trebuchet MS", Verdana, sans-serif !important; border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;} TR {border-width: 1px;padding: 10px;border-style: solid;border-color: white; } TD {font-family:Segoe, "Segoe UI", "DejaVu Sans", "Trebuchet MS", Verdana, sans-serif !important; border-width: 1px;padding: 10px;border-style: solid;border-color: white; background-color:#C3DDDB;} .colorm {background-color:#58A09E; color:white;} .colort{background-color:#58A09E; padding:20px; color:white; font-weight:bold;} .colorn{background-color:transparent;} </style> <body> <h3>Script has been completed successfully</h3> <h4>Users and their MemberOf Attribute have been exported.</h4> <table> <tr> <td class="colort">User</td> <td class="colort">Groups</td> </tr> "@ $EmailDown = @" </table> </body> "@ $Email = $EmailUp + $EmailResult + $EmailDown if ($EmailResult -ne "") { send-mailmessage ` -To $To ` -Subject "Users and their Groups Cyprus Report $(Get-Date -format dd/MM/yyyy)" ` -Body $Email ` -BodyAsHtml ` -Priority high ` -UseSsl ` -Port 587 ` -SmtpServer 'smtp.office365.com' ` -From $From ` -Credential $EmailCredentials } if ($error -ne $null) { foreach ($value in $error) { $ErrorEmailTemp = @" <tr> <td class="colorm">$value</td> </tr> "@ $ErrorEmailResult = $ErrorEmailResult + "`r`n" + $ErrorEmailTemp } $ErrorEmailUp = @" <style> body { font-family:Segoe, "Segoe UI", "DejaVu Sans", "Trebuchet MS", Verdana, sans-serif !important; color:#434242;} TABLE { font-family:Segoe, "Segoe UI", "DejaVu Sans", "Trebuchet MS", Verdana, sans-serif !important; border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;} TR {border-width: 1px;padding: 10px;border-style: solid;border-color: white; } TD {font-family:Segoe, "Segoe UI", "DejaVu Sans", "Trebuchet MS", Verdana, sans-serif !important; border-width: 1px;padding: 10px;border-style: solid;border-color: white; background-color:#C3DDDB;} .colorm {background-color:#58A09E; color:white;} .colort{background-color:#58A09E; padding:20px; color:white; font-weight:bold;} .colorn{background-color:transparent;} </style> <body> <h3 style="color:#BD3337 !important;> WARNING!!!</h3> <p>There were errors during users check</p> <p>Please check the errors and act accordingly</p> <table> "@ $ErrorEmailDown = @" </table> </body> "@ $ErrorEmail = $ErrorEmailUp + $ErrorEmailResult + $ErrorEmailDown send-mailmessage ` -To $To ` -Subject "Users and their Groups Report $(Get-Date -format dd/MM/yyyy) - WARNING" ` -Body $ErrorEmail ` -BodyAsHtml ` -Priority high ` -UseSsl ` -Port 587 ` -SmtpServer 'smtp.office365.com' ` -From $From ` -Credential $EmailCredentials }