diff --git a/Powershell/Lists/GroupMappingsCheck.ps1 b/Powershell/Lists/GroupMappingsCheck.ps1
new file mode 100644
index 0000000..561db36
--- /dev/null
+++ b/Powershell/Lists/GroupMappingsCheck.ps1
@@ -0,0 +1,216 @@ +Import-Module AzureAD +Import-Module SqlServer + +#Connect-AzureAD +#Connect-AzAccount + +[string] $date = Get-Date -Format "yyyy-MM-dd HHmm" +$filename = "c:\tmp\$date User group mappings.csv" + + +Function Get-RecursiveAzureAdGroupMemberUsers{ + [cmdletbinding()] + param( + [parameter(Mandatory=$True,ValueFromPipeline=$true)] + $AzureGroup + ) + Begin{ + If(-not(Get-AzureADCurrentSessionInfo)){Connect-AzureAD} + } + Process { + Write-Verbose -Message "Enumerating $($AzureGroup.DisplayName)" + $Members = Get-AzureADGroupMember -ObjectId $AzureGroup.ObjectId -All $true + $UserMembers = $Members | Where-Object{$_.ObjectType -eq 'User'} + If($Members | Where-Object{$_.ObjectType -eq 'Group'}){ + $UserMembers += $Members | Where-Object{$_.ObjectType -eq 'Group'} | ForEach-Object{ Get-RecursiveAzureAdGroupMemberUsers -AzureGroup $_} + } + } + end { + Return $UserMembers + } + } + +# Get SQL records +Write-Host ("Get SQL records") -foreground Yellow + +$access_token = (Get-AzAccessToken -ResourceUrl https://database.windows.net).Token +$signInConnectionString = "Data Source=signin-effectory.database.windows.net;Initial Catalog=SignIn;Persist Security Info=False;Encrypt=True;TrustServerCertificate=False;Application Name=CloudEngineering"; +$eceConnectionString = "Data Source=c0m7f8nybr.database.windows.net;Initial Catalog='Effectory Extranet';Persist Security Info=False;Encrypt=True;TrustServerCertificate=False;Application Name=CloudEngineering"; + +$mappings = Invoke-Sqlcmd -Query "select gm.GroupId, gm.[Description] as GroupMappingName from GroupMappings gm" -ConnectionString $signInConnectionString -AccessToken $access_token +$mappingClaims = Invoke-Sqlcmd -Query "select distinct gm.GroupId, gm.[Description] as GroupMappingName, gmc.ClaimType, gmc.ClaimValue from GroupMappings gm inner join GroupMappingClaims gmc on gmc.GroupMappingId = gm.GroupMappingId" -ConnectionString $signInConnectionString -AccessToken $access_token + +$accounts = 
Invoke-Sqlcmd -Query "Select distinct a.AccountId, a.Name, a.OwnerId from portal.Account a inner join portal.Project p on p.AccountID = a.AccountID inner join portal.Survey s on p.ProjectID = s.ProjectID" -ConnectionString $eceConnectionString -AccessToken $access_token +$surveys = Invoke-Sqlcmd -Query "select s.SurveyID, s.Name from portal.Survey s" -ConnectionString $eceConnectionString -AccessToken $access_token +$owners = Invoke-Sqlcmd -Query "select o.Id as OwnerId, o.Name from portal.AccountOwner o" -ConnectionString $eceConnectionString -AccessToken $access_token + +# map claims +Write-Host ("Map claims - will take a while") -foreground Yellow + +class MappingItem { + [string] $GroupId = "" + [string] $GroupMappingName = "" + [string] $ClaimType = "" + [string] $ClaimValue = "" + [string] $AccountID = "" + [string] $AccountName = "" + [string] $SurveyID = "" + [string] $SurveyName = "" + [string] $OwnerId = "" + [string] $OwnerName = "" +} + +[MappingItem[]]$mappingItems = @() +foreach ($mappingClaim in $mappingClaims) +{ + Write-Host ("*") -foreground White -NoNewline + + if ($mappingClaim.ClaimValue -like 'o.*') + { + + $owner = $owners | Where-Object OwnerId -eq ([int]$mappingClaim.ClaimValue.Replace('o.','')) + + [MappingItem] $mappingItem = [MappingItem]::new() + $mappingItem.GroupId = $mappingClaim.GroupId + $mappingItem.GroupMappingName = $mappingClaim.GroupMappingName + $mappingItem.ClaimType = $mappingClaim.ClaimType + $mappingItem.ClaimValue = $mappingClaim.ClaimValue + $mappingItem.OwnerId = $owner.OwnerId + $mappingItem.OwnerName = $owner.Name + + $mappingItems += $mappingItem + + # $ownerAccounts = $accounts | Where-Object OwnerId -eq $owner.OwnerId + + # foreach ($account in $ownerAccounts) + # { + # Write-Host (".") -foreground White -NoNewline + + # [MappingItem] $mappingItem = [MappingItem]::new() + # $mappingItem.GroupId = $mappingClaim.GroupId + # $mappingItem.GroupMappingName = $mappingClaim.GroupMappingName + # $mappingItem.ClaimType = 
$mappingClaim.ClaimType + # $mappingItem.ClaimValue = $mappingClaim.ClaimValue + # $mappingItem.OwnerId = $owner.OwnerId + # $mappingItem.OwnerName = $owner.Name + # $mappingItem.AccountID = $account.AccountID + # $mappingItem.AccountName = $account.Name + + # $mappingItems += $mappingItem + # } + } + else + { + if ($mappingClaim.ClaimValue -like 'a.*') + { + $account = $accounts | Where-Object AccountID -eq ([int]$mappingClaim.ClaimValue.Replace('a.','')) + + [MappingItem] $mappingItem = [MappingItem]::new() + $mappingItem.GroupId = $mappingClaim.GroupId + $mappingItem.GroupMappingName = $mappingClaim.GroupMappingName + $mappingItem.ClaimType = $mappingClaim.ClaimType + $mappingItem.ClaimValue = $mappingClaim.ClaimValue + $mappingItem.AccountID = $account.AccountID + $mappingItem.AccountName = $account.Name + $mappingItems += $mappingItem + } + else + { + if ($mappingClaim.ClaimValue -like 's.*') + { + $survey = $surveys | Where-Object SurveyID -eq ([int]$mappingClaim.ClaimValue.Replace('s.','')) + + [MappingItem] $mappingItem = [MappingItem]::new() + $mappingItem.GroupId = $mappingClaim.GroupId + $mappingItem.GroupMappingName = $mappingClaim.GroupMappingName + $mappingItem.ClaimType = $mappingClaim.ClaimType + $mappingItem.ClaimValue = $mappingClaim.ClaimValue + $mappingItem.SurveyID = $survey.SurveyID + $mappingItem.SurveyName = $survey.Name + $mappingItems += $mappingItem + } + } + } +} +Write-Host ("x") -foreground White + +# Create check list +Write-Host ("Create check list") -foreground Yellow + +class UserMappingItem { + [string] $GroupId = "" + [string] $GroupMappingName = "" + [string] $UserObjectId = "" + [string] $UserDisplayName = "" + [string] $UserMail = "" + [string] $UserUserPrincipalName = "" + [string] $UserJobTitle = "" + [string] $UserDepartment = "" + [string] $UserUserType = "" + [string] $ClaimType = "" + [string] $ClaimValue = "" + [string] $AccountID = "" + [string] $AccountName = "" + [string] $SurveyID = "" + [string] $SurveyName = "" + 
[string] $OwnerId = "" + [string] $OwnerName = "" +} + +[UserMappingItem[]]$userMappingItems = @() +$a=0 +$noMappings = $mappings.Length +[string] $itemDate + +foreach($mapping in $mappings) { + + $u=0 + $a++ + $itemDate = Get-Date -Format "yyyy-MM-dd HHmm" + $mappingName = $mapping.GroupMappingName + Write-Host ("[$itemDate] [$a/$noMappings] - Mapping '$mappingName'") -foreground Green + + #get users in mapping + $usersInMapping = Get-AzureADGroup -ObjectId $mapping.GroupId | Get-RecursiveAzureAdGroupMemberUsers + + #get mapping claims + $mappingItemsInMapping = $mappingItems | Where-Object GroupId -eq $mapping.GroupId + + $noUsers = $usersInMapping.Length + foreach($user in $usersInMapping) { + $u++ + $itemDate = Get-Date -Format "yyyy-MM-dd HHmm" + $userName = $user.DisplayName + Write-Host ("[$itemDate] [$a/$noMappings] - Mapping '$mappingName' - [$u/$noUsers] User '$userName'") -foreground White + + foreach($mappingItem in $mappingItemsInMapping) { + + [UserMappingItem] $userMappingItem = [UserMappingItem]::new() + $userMappingItem.GroupId = $mappingItem.GroupId + $userMappingItem.GroupMappingName = $mappingItem.GroupMappingName + + $userMappingItem.UserObjectId = $user.ObjectId + $userMappingItem.UserDisplayName = $user.DisplayName + $userMappingItem.UserMail = $user.Mail + $userMappingItem.UserUserPrincipalName = $user.UserPrincipalName + $userMappingItem.UserJobTitle = $user.JobTitle + $userMappingItem.UserDepartment = $user.Department + $userMappingItem.UserUserType = $user.UserType + + $userMappingItem.ClaimType = $mappingItem.ClaimType + $userMappingItem.ClaimValue = $mappingItem.ClaimValue + $userMappingItem.AccountID = $mappingItem.AccountID + $userMappingItem.AccountName = $mappingItem.AccountName + $userMappingItem.SurveyID = $mappingItem.SurveyID + $userMappingItem.SurveyName = $mappingItem.SurveyName + $userMappingItem.OwnerId = $mappingItem.OwnerId + $userMappingItem.OwnerName = $mappingItem.OwnerName + + $userMappingItems += $userMappingItem + } 
+
+ $userMappingItems | Export-Csv -Path $filename -Append -NoTypeInformation
+ }
+}
+
+
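Review bot: The `$userMappingItems | Export-Csv -Path $filename -Append -NoTypeInformation` call at the end of the per-user loop exports an accumulator that is never cleared, so every row already written is appended again for each subsequent user and mapping, and the CSV grows quadratically with duplicate rows. Either export just the row where it is built, `$userMappingItem | Export-Csv -Path $filename -Append -NoTypeInformation` in the innermost loop (dropping the `$userMappingItems += ...` accumulation), or keep the accumulator and export it once after the outer `foreach` without `-Append`. Separately, when the `$owners`, `$accounts` or `$surveys` lookup finds no match, `$owner.OwnerId`, `$account.AccountID` and `$survey.SurveyID` resolve to null and the row is still written with empty ids, which silently hides exactly the orphaned claims an access-review export should surface; a guard such as `if (-not $owner) { Write-Warning "No owner for claim $($mappingClaim.ClaimValue)" }` before building the item would make them visible. Since the output contains UPNs, mail addresses, job titles and departments for every mapped user, the fixed `c:\tmp` destination is also worth reconsidering in favour of a location with a restricted ACL.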