Finding Parent Groups of users groups 1

[Herdrich]

Hello All,

I am trying to loop this until it hits the top level parent groups. Currently I get the users group then the group of those groups. I want to be able to go up until I hit the top group. I could probably nest a few more foreach statements but there has to be a cleaner way to do this. any help would be great!

$Groups = GET-ADUser -Identity USERNAME –Properties MemberOf | Select-Object -ExpandProperty MemberOf | Get-ADGroup -Properties name  | where { $_.GroupCategory -eq "Security" } | sort | Select-Object $_.name


foreach ($Group in $Groups)  
{
Get-ADGroup -Identity $Group –Properties MemberOf | Select-Object -ExpandProperty MemberOf | Get-ADGroup -Properties name | where { $_.GroupCategory -eq "Security" } | sort | Select-Object name


$Groups2=Get-ADGroup -Identity $Group –Properties MemberOf | Select-Object -ExpandProperty MemberOf | Get-ADGroup -Properties name | where { $_.GroupCategory -eq "Security" } | sort | Select-Object $_.name


foreach ($Group in $Groups2)  
{
Get-ADGroup -Identity $Group –Properties MemberOf | Select-Object -ExpandProperty MemberOf | Get-ADGroup -Properties name | where { $_.GroupCategory -eq "Security" } | sort | Select-Object name

}

}

 

[blister911]

Herdrich,
Does this work for you? You'll need to fill in the value for $user

[bool]$new_groups_added = $TRUE
$user = ""  ### <<<<<<< Enter Username Here

[array]$groups = Get-ADPrincipalGroupMembership $user | foreach {$_.name}
$groups = $groups | sort

while ($new_groups_added)
	{
	 $new_groups_added = $FALSE
	 $holding_list = @()
	 foreach ($group in $groups)
		{
		 write-host "Checking: $group"
		 [array]$new_groups = Get-ADPrincipalGroupMembership $group | foreach {$_.name}
		 if ($new_groups.length -gt 1)
			{
			 $new_groups_added = $TRUE
			 foreach ($new in $new_groups)
				{$holding_list += $new}
			}
		 else
			{$holding_list += $group}
		}
	 [array]$groups = $holding_list
	 $groups = $groups | sort
	 $groups = $groups | select -Unique
	 if ($new_groups_added)
		{
		 write-host ""
		 write-host "--------------------------"
		 write-host "     Starting Recheck"
		 write-host "--------------------------"
		 write-host ""
		}
	}

## $groups  ### <<<<<<< List of groups is stored here

Light travels faster than sound. That's why some people appear bright until you hear them speak.

 

[Herdrich]

Nice! Looks to be working. Just have to fix up my inputs and outputs. Thanks

 

[blister911]

Now I think that only gets the parent groups. It does not include the child. If you want the children included with the parents, you need to make a small modification to the script: Add the lines in GREEN and remove the lines in RED

[bool]$new_groups_added = $TRUE
$user = ""  ### <<<<<<< Enter Username Here

[COLOR=#73D216]$master_list = @()[/color]

[array]$groups = Get-ADPrincipalGroupMembership $user | foreach {$_.name}
$groups = $groups | sort

while ($new_groups_added)
	{
	 $new_groups_added = $FALSE
	 $holding_list = @()
	 foreach ($group in $groups)
		{
		 [COLOR=#73D216]$master_list += $group[/color]
		 write-host "Checking: $group"
		 [array]$new_groups = Get-ADPrincipalGroupMembership $group | foreach {$_.name}
		 if ($new_groups.length -gt 1)
			{
			 $new_groups_added = $TRUE
			 foreach ($new in $new_groups)
				{$holding_list += $new}
			}
                 [COLOR=#EF2929]else
			{$holding_list += $group}[/color]
		}
	 [array]$groups = $holding_list
	 $groups = $groups | sort
	 $groups = $groups | select -Unique
	 if ($new_groups_added)
		{
		 write-host ""
		 write-host "--------------------------"
		 write-host "     Starting Recheck"
		 write-host "--------------------------"
		 write-host ""
		}
	}
[COLOR=#73D216]$master_list = $master_list | sort
$master_list = $master_list | select -Unique
## $master_list[/color]  ### <<<<<<< List of groups is stored here

Light travels faster than sound. That's why some people appear bright until you hear them speak.

 

[Herdrich]

I was just looking for the parent groups so it worked perfectly