When implementing or updating a Role Based Access Control (RBAC) model, being able to do a roll back has to be part of your process.
I’ve seen junior admins break out in a sweat when asked to roll back a user’s membership. “Eh… which groups was the user a member of again?”
It’s a rookie mistake… Hehe…
Here’s how to make a JIT backup before you start changing user membership.
The csv should have a SamAccountName column.
$csvContent = @' SamAccountName user1 user2 user3 '@
This will get you all the direct group memberships and save them to a file named SamAccountName.csv, per user.
Next blog I’ll show you how to restore! 😉
Hope it’s worth something to you.