Implemented ignored OUs for email groups

seatosky-chris · Dec 21, 2022 · 4f5a148 · 4f5a148
1 parent 13f69a0
commit 4f5a148
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 3 deletions.
diff --git a/User Audit - Constants.ps1 b/User Audit - Constants.ps1
@@ -223,6 +223,19 @@ $EmailOnlyGroupsIgnore = @(
 	"Domain Users", "*Email*", "*Contacts*", "*Office365*", "*O365*"
 )
 
+####################
+# $EmailOnlyGroupsOUIgnore
+# 
+# Set this to any OU's in AD to ignore all of the groups in (including nested OUs) on email only accounts
+# This only takes effect if $EmailOnlyHaveAD is $true and the $EmailType is "O365"
+# When checking for Email Only accounts that have an AD account, the script assumes an AD account with no groups and an O365 account is email only,
+# if there are certain groups maintained in an OU that give access to mailing lists or online services, you can list the OUs here to have 
+# all groups in those OUs be ignored in this check 
+#
+$EmailOnlyGroupsOUIgnore = @(
+	"Distribution Groups"
+)
+
 ####################
 # $InactivityO365Preference
 # 

diff --git a/User Audit.ps1 b/User Audit.ps1
@@ -955,7 +955,13 @@ if ($CheckAD) {
 		$FullADUsers | ForEach-Object {
 			$i++
 			$_ | Add-Member -MemberType NoteProperty -Name Groups -Value $null
-			$_.Groups = @((Get-ADPrincipalGroupMembership $_.Username | Select-Object Name).Name)
+			$ADGroups = Get-ADPrincipalGroupMembership $_.Username
+			if ($ADGroups -and $EmailOnlyGroupsOUIgnore) {
+				foreach ($IgnoreOU in $EmailOnlyGroupsOUIgnore) {
+					$ADGroups = $ADGroups | Where-Object { $_.distinguishedName -notlike "OU=$($IgnoreOU)," }
+				}
+			}
+			$_.Groups = @(($ADGroups | Select-Object Name).Name)
 			[int]$PercentComplete = ($i / $ADUserCount * 100)
 			Write-Progress -Activity "Getting AD Group Memberships" -PercentComplete $PercentComplete -Status ("Working - " + $PercentComplete + "%")
 		}

diff --git a/User_Billing_Update.ps1 b/User_Billing_Update.ps1
@@ -438,7 +438,13 @@ if ($UserAudit) {
 			# Get groups
 			$FullADUsers | ForEach-Object {
 				$_ | Add-Member -MemberType NoteProperty -Name Groups -Value $null
-				$_.Groups = @((Get-ADPrincipalGroupMembership $_.Username | Select-Object Name).Name)
+				$ADGroups = Get-ADPrincipalGroupMembership $_.Username
+				if ($ADGroups -and $EmailOnlyGroupsOUIgnore) {
+					foreach ($IgnoreOU in $EmailOnlyGroupsOUIgnore) {
+						$ADGroups = $ADGroups | Where-Object { $_.distinguishedName -notlike "OU=$($IgnoreOU)," }
+					}
+				}
+				$_.Groups = @(($ADGroups | Select-Object Name).Name)
 			}
 
 			if ($ADIncludeSubFolders) {

diff --git a/currentversion.txt b/currentversion.txt
@@ -1 +1 @@
-2.15.0
+2.15.1