## p4diff-groupmembers
## aaron bockelie

<#
	.SYNOPSIS
	Performs a diff against a named Perforce group and an AD group and returns the differences, if any.
	.DESCRIPTION
	This function compares two simple group membership lists and evaluates the membership of each. It then returns a comparison object.
	.EXAMPLE
	This will list any differences between the AD group and the local Perforce group.
	[PS] p4diff-groupmembers p4infosys

	InputObject                                                 SideIndicator
	-----------                                                 -------------
	amanda.hardiman                                             =>
	
	The SideIndicator for the user amanda.hardiman indicates that the user is not in the Perforce Depot group.
	.PARAMETER groupname
	The group to compare.
	.FUNCTIONALITY
	Use this function to reconcile differences in a group, to reveal potental sources of trouble, or to aid in automation of group syncing.
#>

Function p4diff-groupmembers
{param([Parameter(Mandatory = $true)]$groupname,[switch]$verbosediff)
$servercheck = p4get-server
$adgroupmembers = @()
$p4groupmembers = @()
$verboseoutput = @()
if ($servercheck.pingsuccess.equals($true))
{
	$adgroup = $null #set test var to nul
	#get group from ad, and if it fails, throw an error 
	try
	{
		$adgroup = get-qadgroupmember $groupname | ?{$_.type -eq "user"} #get the group
	}
	catch 
	{
		#if an error with getting group, throw error.
		#$message = $groupname + " was not found in Active Directory." 
		#write-warning $message
	}
	$ADgroupmembers = $adgroup | %{$_.samaccountname}#load the array for adgroupmembers
	$p4groupmembers = p4get-groupmembers $groupname #load the array for p4groupmembers
	#sort groups equally.
	if ($p4groupmembers){$P4groupmembers = $P4groupmembers | sort-object} else {$p4groupmembers = @()}
	if ($adgroupmembers){$adgroupmembers = $adgroupmembers | sort-object} else {$adgroupmembers = @()}
	#reconcile groups
	try
	{
		$RecGroups = compare-object -includeequal -syncwindow 1000 $p4groupmembers $adgroupmembers #Reconcile the list from AD with the list from Perforce. Syncwindow is for sorting the users correctly.
	}
	catch
	{
		write-error "One or more groups are null." -category InvalidOperation
	}	
	if ($verbosediff.ispresent -eq "True")
	{
		foreach ($diff in $RecGroups)
		{
			if ($diff.sideindicator -eq "=>")
			{
				$verboseoutput += $diff.inputobject + ", user in Active Directory group only."
			}
			if ($diff.sideindicator -eq "<=")
			{
				$verboseoutput += $diff.inputobject + ", user in Perforce group only."
			}
			if ($diff.sideindicator -eq "==")
			{
				$verboseoutput += $diff.inputobject + ", user in Perforce and Active Directory group."
			}
		}
		return $verboseoutput
	}
	else
	{
		return $RecGroups #return compared object.
	}
} #end main

} #end function