If you read my article on Automating User Access Reporting, you've probably understand that exporting security group membership from Active Directory is fairly simple. The challenge is that after all of those user's security group membership details have been exported, now they have to be reviewed. If you have more than 50 users, that's probably going to take quite a while. Who wants to read through text files for 4 hours trying to figure out if group membership has changed? Especially if your organization is required to do that every month?
This article demonstrates how to create a two-step process that eliminates 99% of the time spent on reviewing security group membership. When a new user is created using the New User Script (from my article called Onboarding New Users with PowerShell) the script assigns groups to the user and then exports a text file to a file server. The User Access Review script runs monthly, exports security group membership to a new location and compares the new file to the original file. If they match, no review is necessary. If not, an email is sent to the appropriate team notifying them of the change and asking for the permissions of the user to be reviewed.
Have you ever needed a list of all of your users and the Security Groups they belong to? Often organizations find themselves with a business need to periodically report the permissions that users have in the environment. This is usually for auditing or information assurance purposes. Whatever your reasons, below this article will cover how to write a PowerShell script that can be used to schedule the generation of a CSV file that contains a list of all users and their group membership.
Ever wanted to rescan storage on all of the ESXi hosts in your vCenter environment at once?This article shows how to write a PowerShell script that will rescan a list of ESXi hosts in your environment for new storage, either VFMS, NTFS, or both.
Sheridan's interests are in technology, business, music, and adventures