Asked by:
List all shares with Everyone having FullControl access

General discussion
-
Hi guys, i need a way to powershell script the checking of shared folders on my network.
The script must do a folder ceck and check the share and ntfs permissions so you know if there are evryone and full control permissions on some network folder for all network servers.is there a way?
- Changed type Bill_Stewart Monday, October 2, 2017 9:23 PM
- Moved by Bill_Stewart Monday, October 2, 2017 9:23 PM This is not "fix/debug/rewrite my script for me" forum
Thursday, August 17, 2017 9:00 AM
All replies
-
You may have some joy with the bottom one in this thread
https://social.technet.microsoft.com/Forums/office/en-US/1903cfde-ad34-464e-9419-94d07ed9de88/need-powershell-script-to-get-shared-folder-and-ntfs-permission-from-list-of-servers?forum=winserverpowershell
Thursday, August 17, 2017 9:32 AM -
i need only the share with evryone full control. is there a way to modify it?Thursday, August 17, 2017 11:54 AM
-
you could put a where clause after the select-object clause (not tested but may work)
select-object -Property Computer, SName, Folder, User, Control, Access | where User -eq "everyone" -And Access -eq "Fullcontrol" | export-csv $OutFile -force -NoTypeInformation -encoding default -Append
Thursday, August 17, 2017 12:03 PM -
Please read this first: This forum is for scripting questions rather than script requests
Also find scripts here: http://gallery.technet.microsoft.com<o:p></o:p>\_(ツ)_/
Thursday, August 17, 2017 12:14 PM -
hi all, i wrote some code in ps, but i new to powershell.
can you help me?
this is the code:
Import-module ActiveDirectory$ComputerName = ( Get-ADComputer -Filter { DNSHostName -Like '*' } | Select -Expand Name )foreach($Computer in $ComputerName)$Shares = Get-WmiObject -Class Win32_LogicalShareSecuritySetting ` -ComputerName $Computerforeach($Share in $Shares){ $OutputObj = New-Object –TypeName PSObject –Prop (@{ 'ComputerName'=$Computer; 'ShareName' = $Share.Name; 'Status'=$Status; 'EveryOneFullControl'=$false }) $OutputObj.ShareName = $Share.Name $Permissions = $Share.GetSecurityDescriptor()foreach($perm in $Permissions.Descriptor.DACL){if($Perm.Trustee.Name -eq "EveryOne" -and $Perm.AccessMask -eq "2032127" -and $Perm.AceType -eq 0) { $OutputObj.EveryOneFullControl = $true } else { } } $OutputObj $OutputArray +=$OutputObj } } } end { if($OutputDir) { $File = Join-Path $OutputDir ("SharePermissions {0}.log" -f $(Get-Date -Format("MMddyyyyHHmmss"))) $File $OutputArray | ? {$_.EveryOneFullControl}| % { "\\{0}\{1}" -f $_.ComputerName, $_.ShareName | Out-File -FilePath $File -Force } } }with this i try to catch the shares with evryone ad full control, but i have an erorr:
Missing statement body in foreach loop.
At D:\users\lorenzo_zilli\Desktop\Networkshare.ps1:4 char:4
+ <<<< $Shares = Get-WmiObject -Class Win32_LogicalShareSecuritySetting ` -ComputerName $Computer
+ CategoryInfo : ParserError: (:) [], ParseException
+ FullyQualifiedErrorId : MissingForeachStatementwhere is my error?
Thank you!
Monday, August 21, 2017 1:37 PM -
First when you post code please try and format it correctly so it is easier to read. Having a quick look at your code you are missing { } on your first foreach loop
it should be
foreach($Computer in $ComputerName)
{your code here
}
Monday, August 21, 2017 1:55 PM -
this is my code:
Import-module ActiveDirectory$ComputerName = ( Get-ADComputer -Filter { DNSHostName -Like '*' } | Select -Expand Name )foreach($Computer in $ComputerName) {$Shares = Get-WmiObject -Class Win32_LogicalShareSecuritySetting -ComputerName $Computer}foreach($Share in $Shares){ $OutputObj = New-Object –TypeName PSObject –Prop (@{ 'ComputerName'=$Computer; 'ShareName' = $Share.Name; 'Status'=$Status; 'EveryOneFullControl'=$false }) $OutputObj.ShareName = $Share.Name $Permissions = $Share.GetSecurityDescriptor()foreach($perm in $Permissions.Descriptor.DACL){if($Perm.Trustee.Name -eq "EveryOne" -and $Perm.AccessMask -eq "2032127" -and $Perm.AceType -eq 0) { $OutputObj.EveryOneFullControl = $true } else { } } $OutputObj $OutputArray +=$OutputObj } } } end { if($OutputDir) { $File = Join-Path $OutputDir ("SharePermissions {0}.log" -f $(Get-Date -Format("MMddyyyyHHmmss"))) $File $OutputArray | ? {$_.EveryOneFullControl}| % { "\\{0}\{1}" -f $_.ComputerName, $_.ShareName | Out-File -FilePath $File -Force } } }}
Monday, August 21, 2017 2:01 PM -
Unexpected token 'OutputArray' in expression or statement.
At D:\users\lorenzo_zilli\Desktop\Networkshare.ps1:9 char:181
+ if($Perm.Trustee.Name -eq "EveryOne" -and $Perm.AccessMask -eq "2032127" -and $Perm.AceType -eq 0) { $OutputObj.E
veryOneFullControl = $true } else { } } $OutputObj $OutputArray <<<< +=$OutputObj } } } end { if($OutputDir) { $File =
Join-Path $OutputDir ("SharePermissions {0}.log" -f $(Get-Date -Format("MMddyyyyHHmmss"))) $File $OutputArray | ? {$_.
EveryOneFullControl}| % { "\\{0}\{1}" -f $_.ComputerName, $_.ShareName | Out-File -FilePath $File -Force } } }
+ CategoryInfo : ParserError: (OutputArray:String) [], ParseException
+ FullyQualifiedErrorId : UnexpectedTokenMonday, August 21, 2017 2:01 PM -
Please read this first:
This forum is for scripting questions rather than script requests
One of the bullet points reads as follows:
- I have posted my 500-line script. Can someone find that elusive bug and fix it for me?
If you didn't write the code, please ask the code's author for assistance.
-- Bill Stewart [Bill_Stewart]
Monday, August 21, 2017 2:10 PM