Hi all,
So I am tasked with finding out which AD Groups have access to directories on our network. I have done some poking around but there are seems to be a lot of ways to approach this and I was hoping for some up-to-date Powershell v4 advice.
The challenge: I have about 150 AD Groups. I need to find out which network directories, if any, they are in.
So far: I have tested with dumpSec to give me an output of one mapped network drive as a .txt. Took about 15hrs. The output was about 4 million rows and a few GB. This is because it lists EVERYTHING. So I broke it up into 200k row .txt files and proceeded to use PowerShell to select-string "[AD groupname]. That reduced it somehwhat but there is still alot of work to get my desired output.
Is there a way for me to just have powershell say
- here is my AD groups list. [groupa, groupb, etc]
- look at each network drive and for each directory look at the security tab.
- for each entry in the security tab.. is it a match for one of the groups I am interested in?
- yes.. well add that directory name to an array called: @groupa_directories, or @groupb_directories, etc.
- no. carry on till all directories are parsed.