I am creating a script that should check the file server for shares, and should list user's that have any kind of access control type (allow / deny) and their rights on the share. I've successfully managed to create collection of objects that have data that I want, but I have issues formatting them in the way I want.
Current situation, how the collection looks like
Path Identity Access Rights
Share1 User1 Allow Full Control
Share1 Group1 Allow Full Control
Share2 Group1 Deny Full Control
Share2 Group2 Allow Modify
I am fine with having shares appear in multiple objects, with one identity (user or a group) per object, but I would like to expand groups with its members, when the $_.Identity
in pipe is a group. But I have issues getting there
My code example is practically non existing, I just tried to check every object in the pipe if it's Identity can be used with Get-ADGroupMember
but that's it
$Collection | ForEachObject { if (Get-ADGroupMember $_.Identity) {Get-ADGroupMember $_.Identity }} ...
Desired solution should be like this:
Path Identity Access Rights
Share1 User1 Allow Full Control
Share1 User1,User2 Allow Full Control
Share2 User1,User2 Deny Full Control
Share2 User2,User3 Allow Modify
In this test example, Group1
is consisted of User1
and User2
, while Group2
is consisted of User2
and User3
.
Any help is appreciated.