用于查找 SharePoint 中所有 Active Directory 组的 PowerShell 脚本

要求：获取 SharePoint 网站中使用的所有 AD 安全组的列表。我们需要生成有关 SharePoint Web 应用程序中使用的 AD 组的报告。

用于在 SharePoint 中查找 AD 组的 PowerShell 脚本：

下面是我的 PowerShell 脚本，用于查找并导出给定 Web 应用程序中所有 SharePoint 网站上的 Active Directory 组。

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

#Change to your web application
$WebAppURL = "https://intranet.crescent.com" 

#Get Web Application
$WebApp = Get-SPWebApplication $WebAppURL

#variable for data collection
$ADGroupCollection= @()
$ReportPath ="C:\ADGroups.csv" 

foreach ($Site in $WebApp.Sites)
{
    Write-host -foregroundcolor green "Processing Site Collection: "$site.RootWeb.URL
    
    #Get all AD Security Groups from the site collection
    $ADGroups = Get-SPUser -Web $Site.Url -Limit ALL | Where { $_.IsDomainGroup -and $_.displayName -ne "Everyone" }

    #Iterate through each AD Group
    ForEach($Group in $ADGroups)
    {
            Write-host "Found AD Group:" $Group.DisplayName

            #Get Direct Permissions
            $Permissions = $Group.Roles | Where { $_.Name -ne "Limited Access" } | Select -ExpandProperty Name

            #Get SharePoint User Groups where the AD group is a member
            $SiteGroups = $Group.Groups | Select -ExpandProperty Name

            #Send Data to an object array
            $ADGroup = new-object psobject
            $ADGroup | add-member noteproperty -name "Site Collection" -value $Site.RootWeb.Title
            $ADGroup | add-member noteproperty -name "URL" -value $Site.Url
            $ADGroup | add-member noteproperty -name "Group Name" -value $Group.DisplayName
            $ADGroup | add-member noteproperty -name "Direct Permissions" -value ($Permissions -join ",")
            $ADGroup | add-member noteproperty -name "SharePoint Groups" -value ($SiteGroups -join ",")
            #Add to Array
            $ADGroupCollection+=$ADGroup           
    } 
}
#Export Data to CSV
$ADGroupCollection | export-csv $ReportPath -notypeinformation
Write-host "SharePoint Security Groups data exported to a CSV file at:"$ReportPath -ForegroundColor Cyan  

该脚本生成一个 CSV 文件报告，其输出为：

• 网站集名称和 URL
• Active Directory 组名
• 通过直接权限级别或通过 SharePoint 组应用于 AD 组的权限。