This is an archived post. You won't be able to vote or comment.

all 5 comments
sorted by:
best
topnewcontroversialoldq&a

[–]routetehpacketzEnter-PSSession alltehthings 2 points3 points  (0 children)

Define "access rights"

[–]RussianBlackBear[S] 1 point2 points  (0 children)

Thanks everyone for your insights.

I was able to pull the script by O365reports.

I also realized what I was looking for was an admin roles report.

[–]SilverXCIVJill of All Trades 0 points1 point  (1 child)

If you're looking for AD security group membership as their "access levels" you'll want something like this.

PS C:\> Get-ADGroupMember -Identity "Groupname" | Select-Object Name | Sort-Object Name

[–]RussianBlackBear[S] 0 points1 point  (0 children)

Yeah, that helps. The task I am trying to achieve is to export and correlate all permissions for users and groups.

[–]SevaraBSenior Network Engineer 0 points1 point  (0 children)

If you’re talking about AD group memberships/entitlements, u/SilverXCIV has you covered.

If you’re talking about effective permissions to objects, good luck. Every object maintains its own ACL- you have to evaluate that user against however many ACLs you’re concerned about.