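# Audit report: for every (recursive) member of a set of privileged AD groups,
# list the user's primary group, each direct group membership, and the chain of
# groups each of those is nested in.
# One text file per audited group is written to the current directory. The
# reports map privileged accounts to groups, so keep them in an
# access-controlled location.

# import AD Module (stop here if it is missing, otherwise the reports would be silently empty)
Import-Module activedirectory -ErrorAction Stop
#Set-ExecutionPolicy unrestricted   # left disabled on purpose: reading AD does not need a relaxed policy

#---------------------------
#------- Functions ---------
#---------------------------

<#
.SYNOPSIS
    Looks up an AD group by distinguished name.
.DESCRIPTION
    Uses -Identity rather than a string-built -Filter: a DN that contains an
    apostrophe would end the quoted filter value early and break the lookup.
.PARAMETER ADDistinguishedName
    Distinguished name of the group.
.OUTPUTS
    The group object returned by Get-ADGroup, or $null when the DN is empty or
    the lookup fails (a warning is written in that case).
#>
function Get-ADGroupByDN ([string] $ADDistinguishedName)
{
    if ([string]::IsNullOrEmpty($ADDistinguishedName)) { return $null }

    try
    {
        return Get-ADGroup -Identity $ADDistinguishedName -ErrorAction Stop
    }
    catch
    {
        # Warning stream only, so the report written through Out-File stays clean.
        Write-Warning "Could not resolve group '$ADDistinguishedName': $($_.Exception.Message)"
        return $null
    }
}

<#
.SYNOPSIS
    Returns the SamAccountName of the group with the given distinguished name.
.PARAMETER ADDistinguishedName
    Distinguished name of the group.
.OUTPUTS
    The SamAccountName, or $null when the group cannot be resolved.
#>
function Get-ADGroupName ([string] $ADDistinguishedName)
{
    $Group = Get-ADGroupByDN $ADDistinguishedName
    if ($null -eq $Group) { return $null }
    return $Group.SamAccountName
}

<#
.SYNOPSIS
    Private worker for Get-GroupMemberOf: writes one line per parent group and
    recurses into each parent.
.PARAMETER ADGroupName
    Group whose MemberOf list is expanded.
.PARAMETER Depth
    Nesting level; sets the number of prefix characters on each output line.
.PARAMETER Branch
    Names of the groups on the current path from the starting group down to
    this one. A parent that is already in the set means the nesting is
    circular, and that parent is reported but not expanded again.
#>
function Write-GroupMemberOfTree
{
    param (
        [string] $ADGroupName,
        [int] $Depth,
        [System.Collections.Generic.HashSet[string]] $Branch
    )

    if ($ADGroupName -eq "# Developer") { return } # prevent recursing

    $Prefix = " " * $Depth

    # Only MemberOf is needed here; "-Properties *" would pull every attribute.
    $DNs = (Get-ADGroup -Identity $ADGroupName -Properties MemberOf).MemberOf

    foreach ($DN in $DNs)
    {
        $Group = Get-ADGroupByDN $DN
        if ($null -eq $Group)
        {
            # Keep the edge in the report even when the parent cannot be read.
            Write-Output "$Prefix $ADGroupName => $DN [unresolved]"
            continue
        }

        $GroupName = $Group.SamAccountName
        $GroupCategory = $Group.GroupCategory
        $GroupScope = $Group.GroupScope
        Write-Output "$Prefix $ADGroupName => $GroupName [$GroupCategory - $GroupScope]"

        # Add() returns $false when the name is already on this branch.
        if (-not $Branch.Add($GroupName))
        {
            Write-Output "$Prefix  (circular nesting: $GroupName is already on this branch, not expanded again)"
            continue
        }

        Write-GroupMemberOfTree -ADGroupName $GroupName -Depth ($Depth + 1) -Branch $Branch

        # Leave the branch so the same group can still appear under a sibling.
        [void] $Branch.Remove($GroupName)
    }
}

<#
.SYNOPSIS
    Writes the chain of groups that the given group is (transitively) a member of.
.DESCRIPTION
    Output lines have the form "<prefix> <group> => <parent> [<category> - <scope>]".
    Circular nesting is detected per branch, so the recursion always terminates.
    Extra positional arguments (older callers passed ' ') are ignored.
.PARAMETER ADGroupName
    Name of the group to start from.
#>
function Get-GroupMemberOf ([string] $ADGroupName)
{
    $Branch = New-Object 'System.Collections.Generic.HashSet[string]' ([System.StringComparer]::OrdinalIgnoreCase)
    [void] $Branch.Add($ADGroupName)
    Write-GroupMemberOfTree -ADGroupName $ADGroupName -Depth 1 -Branch $Branch
}

<#
.SYNOPSIS
    Writes the primary group and all group memberships of one user.
.DESCRIPTION
    Each direct membership is numbered and followed by its nesting chain
    (see Get-GroupMemberOf). The user name is also echoed to the console with
    Write-Host as a progress indicator.
.PARAMETER ADUserSID
    SID of the user, in string form.
#>
function Get-UserMemberships ([string] $ADUserSID)
{
    # One query for everything needed; Name is part of the default property set.
    $ADUser = Get-ADUser -Identity $ADUserSID -Properties MemberOf, PrimaryGroup
    if ($null -eq $ADUser)
    {
        Write-Warning "Could not read user with SID '$ADUserSID'"
        return
    }

    $ADUserName = $ADUser.name
    Write-Host "AD-User: $ADUserName ($ADUserSID)"
    Write-Output "AD-User: $ADUserName"

    #PrimaryGroup
    $PrimaryGroup = Get-ADGroupByDN $ADUser.PrimaryGroup
    $ADPrimaryGroupName = $PrimaryGroup.SamAccountName
    $ADGroupCategory = $PrimaryGroup.GroupCategory
    $ADGroupScope = $PrimaryGroup.GroupScope
    Write-Output "Primary Group: $ADPrimaryGroupName [$ADGroupCategory, $ADGroupScope]"

    #Other groups
    # Local counter: numbering restarts at 1 for every user and no longer
    # depends on a variable inherited from the caller's scope.
    $Index = 0
    foreach ($ADUserMember in $ADUser.MemberOf)
    {
        $Index++
        $Group = Get-ADGroupByDN $ADUserMember
        if ($null -eq $Group)
        {
            Write-Output "($Index) $ADUserMember [unresolved]"
            Write-Output " "
            continue
        }

        $ADGroupName = $Group.SamAccountName
        $ADGroupCategory = $Group.GroupCategory
        $ADGroupScope = $Group.GroupScope
        Write-Output "($Index) $ADGroupName [$ADGroupCategory, $ADGroupScope]"
        Get-GroupMemberOf $ADGroupName
        Write-Output " "
    }
}

<#
.SYNOPSIS
    Writes the membership report for every recursive member of a group.
.DESCRIPTION
    Members that are not user objects are listed as skipped instead of being
    passed to Get-ADUser. NOTE(review): assumes Get-ADUser cannot resolve
    computer or service-account members - confirm for your directory.
.PARAMETER ADGroupName
    Name of the group whose members are audited.
#>
function Get-AllMembershipsOfUsers([string] $ADGroupName)
{
    $Separator = "======================================================================================================"

    $devadmaccounts = Get-ADGroupMember -Identity $ADGroupName -Recursive
    foreach ($devADM in $devadmaccounts)
    {
        if ($devADM.objectClass -ne 'user')
        {
            Write-Output "Skipped non-user member: $($devADM.SamAccountName) [$($devADM.objectClass)]"
        }
        else
        {
            Get-UserMemberships $devADM.SID
        }
        Write-Output $Separator
    }
}

#-----------------------------------------------------------------
Clear-Host

[string] $ADGroupName = ''
[string] $date = Get-Date -Format "yyyy-MM-dd HHmm"

# Groups to audit, in report order.
$AuditedGroups = @(
    "# Developer ADM",
    "Domain Admins",
    "# Developer",
    "# Interne Automatisering Team-Assistent",
    "# Interne Automatisering"
)

foreach ($ADGroupName in $AuditedGroups)
{
    # Report file is named after the group without its leading "# " marker.
    $ReportName = $ADGroupName -replace '^#\s*', ''
    Get-AllMembershipsOfUsers $ADGroupName | Out-File "$date $ReportName.txt"
}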