You know when you open a user's properties in Active Directory and there is a security tab. It is my understanding that this is a user's ACL and it shows security groups that have been applied to a user via methods such as manual assignment, delegation, and GPOs for example. I am looking for a way to check to see if there is a security group applied to all my users. So I'm looking for a PS command that will output all users with a specific ACL applied to them and all users that are missing a specific ACL. I think I could get all my users and their ACLs and then filter this list for a specific applied security group (present or not present). Thanks for your time and assistance.