Tag Archives: Get-ADGroup

Backup User GroupMembership

‘Sup PSHomies,

When implementing or updating a Role Based Access Control (RBAC) model, being able to do a roll back has to be part of your process.

I’ve seen junior admins break out in a sweat when asked to roll back a user’s membership. “Eh… which groups was the user a member of again?”

wp-1454085190357.jpg

It’s a rookie mistake… Hehe…

Here’s how to make a JIT backup before you start changing user membership.

The csv should have a SamAccountName column.

$csvContent = @'
SamAccountName
user1
user2
user3
'@

This will get you all the direct group memberships and save them to a file named SamAccountName.csv, per user.

Next blog I’ll show you how to restore! 😉

Hope it’s worth something to you.

Ttyl,

Urv

Advertisements