I’m in process of obtaining a list of AD users and their emails for each of several shares. There are some explicit permissions set for individual AD users set in NTFS but it’s largely security groups.
What I need is a script that can go recursively through a share folder and it’s subfolders and output me at most the ad username and email for each user who has access. It would need to pull the individual users from the security groups who have access as well.
I want the script operator to either edit the path in the script or be able to run it like .\scriptname -PATH “C:\Users” -Recurse or similar.
Basically I need
Get-ACLs for the specified folder path recursively
Get-ADGroupMembers for the groups that have permissions for the share path and/or subfolders
Output a list containing the samaccountname and mail properties to either txt or CSV.