## p4diff-subgroups
## aaron bockelie

<#
	.SYNOPSIS
	Performs a diff against a named Perforce group and returns the differences of subgroups, if any.
	.DESCRIPTION
	This function compares subgroup membership lists and returns a comparison object.
	.EXAMPLE
	This will list any differences between the AD group and the local Perforce group subgroup memberships.
	[PS] p4diff-groupmembers p4infosys

	InputObject                                                 SideIndicator
	-----------                                                 -------------
	subgroup.of.group                                           =>
	
	The SideIndicator for the user subgroup.of.group indicates that the group is not in the Perforce Depot groupspec.
	.PARAMETER groupname
	The group to compare.
	.FUNCTIONALITY
	Use this function to reconcile differences in a group, to reveal potental sources of trouble, or to aid in automation of group syncing.
#>

Function p4diff-subgroupmembers
{
param
([Parameter(Mandatory = $true)]$groupname,[switch]$verbosediff)
$servercheck = p4get-server
$adgroupmembers = @()
$p4groupmembers = @()
$verboseoutput = @()
if ($servercheck.pingsuccess.equals($true))
{
	$adgroup = $null #set test var to nul
	#get group from ad, and if it fails, throw an error 
	try
	{
		$adgroup = get-qadgroupmember $groupname | ?{$_.type -eq "group"} #get the member subgroups 
	}
	catch 
	{
		#if an error with getting group, throw error.
		#$message = $groupname + " was not found in Active Directory." 
		#write-warning $message
	}
	$ADsubgroupmembers = $adgroup | %{$_.samaccountname}#load the array for adgroupmembers
	$p4subgroupmembers = p4get-group $groupname | %{$_.subgroups} #load the array for p4groupmembers
	#sort groups equally.
	if ($p4subgroupmembers){$P4subgroupmembers = $P4subgroupmembers | sort-object} else {$p4subgroupmembers = @()}
	if ($adsubgroupmembers){$adsubgroupmembers = $adsubgroupmembers | sort-object} else {$adsubgroupmembers = @()}
	#reconcile groups
	try
	{
		$RecGroups = compare-object -includeequal -syncwindow 1000 $p4subgroupmembers $adsubgroupmembers #Reconcile the list from AD with the list from Perforce. Syncwindow is for sorting the users correctly.
	}
	catch
	{
		write-error "One or more groups are null." -category InvalidOperation
	}	
	if ($verbosediff.ispresent -eq "True")
	{
		foreach ($diff in $RecGroups)
		{
			if ($diff.sideindicator -eq "=>")
			{
				$verboseoutput += $diff.inputobject + ", user in Active Directory group only."
			}
			if ($diff.sideindicator -eq "<=")
			{
				$verboseoutput += $diff.inputobject + ", user in Perforce group only."
			}
			if ($diff.sideindicator -eq "==")
			{
				$verboseoutput += $diff.inputobject + ", user in Perforce and Active Directory group."
			}
		}
		return $verboseoutput		
	}
	else
	{
		return $RecGroups #return compared object.
	}
} #end main

} #end function