Remove From My Forums

List all shares with Everyone having FullControl access

General discussion
0

Sign in to vote
Hi guys, i need a way to powershell script the checking of shared folders on my network.
The script must do a folder ceck and check the share and ntfs permissions so you know if there are evryone and full control permissions on some network folder for all network servers.

is there a way?
- Changed type Bill_Stewart Monday, October 2, 2017 9:23 PM
- Moved by Bill_Stewart Monday, October 2, 2017 9:23 PM This is not "fix/debug/rewrite my script for me" forum
Thursday, August 17, 2017 9:00 AM

Reply

|

Quote

All replies

0

Sign in to vote

You may have some joy with the bottom one in this thread

https://social.technet.microsoft.com/Forums/office/en-US/1903cfde-ad34-464e-9419-94d07ed9de88/need-powershell-script-to-get-shared-folder-and-ntfs-permission-from-list-of-servers?forum=winserverpowershell

Thursday, August 17, 2017 9:32 AM

Reply

|

Quote
0

Sign in to vote

i need only the share with evryone full control. is there a way to modify it?

Thursday, August 17, 2017 11:54 AM

Reply

|

Quote
0

Sign in to vote

you could put a where clause after the select-object clause (not tested but may work)

select-object -Property Computer, SName, Folder, User, Control, Access | where User -eq "everyone" -And Access -eq "Fullcontrol" | export-csv $OutFile -force -NoTypeInformation -encoding default -Append

Thursday, August 17, 2017 12:03 PM

Reply

|

Quote
0

Sign in to vote

Please read this first: This forum is for scripting questions rather than script requests

Also find scripts here: http://gallery.technet.microsoft.com<o:p></o:p>

\_(ツ)_/

Thursday, August 17, 2017 12:14 PM

Reply

|

Quote
0

Sign in to vote

hi all, i wrote some code in ps, but i new to powershell.

can you help me?

this is the code:

Import-module ActiveDirectory

$ComputerName = ( Get-ADComputer -Filter { DNSHostName -Like '*' } | Select -Expand Name )

foreach($Computer in $ComputerName)

   $Shares = Get-WmiObject -Class Win32_LogicalShareSecuritySetting ` -ComputerName $Computer

foreach($Share in $Shares)

    { $OutputObj = New-Object –TypeName PSObject –Prop (@{ 'ComputerName'=$Computer; 'ShareName' = $Share.Name; 'Status'=$Status; 'EveryOneFullControl'=$false }) $OutputObj.ShareName = $Share.Name $Permissions = $Share.GetSecurityDescriptor()

foreach($perm in $Permissions.Descriptor.DACL)

{

    if($Perm.Trustee.Name -eq "EveryOne" -and $Perm.AccessMask -eq "2032127" -and $Perm.AceType -eq 0) { $OutputObj.EveryOneFullControl = $true } else { } } $OutputObj $OutputArray +=$OutputObj } } } end { if($OutputDir) { $File = Join-Path $OutputDir ("SharePermissions {0}.log" -f $(Get-Date -Format("MMddyyyyHHmmss"))) $File $OutputArray | ? {$_.EveryOneFullControl}| % { "\\{0}\{1}" -f $_.ComputerName, $_.ShareName | Out-File -FilePath $File -Force } } }

with this i try to catch the shares with evryone ad full control, but i have an erorr:

Missing statement body in foreach loop.
At D:\users\lorenzo_zilli\Desktop\Networkshare.ps1:4 char:4
+     <<<< $Shares = Get-WmiObject -Class Win32_LogicalShareSecuritySetting ` -ComputerName $Computer
    + CategoryInfo          : ParserError: (:) [], ParseException
    + FullyQualifiedErrorId : MissingForeachStatement

where is my error?

Thank you!

Monday, August 21, 2017 1:37 PM

Reply

|

Quote
0

Sign in to vote

First when you post code please try and format it correctly so it is easier to read. Having a quick look at your code you are missing { } on your first foreach loop

it should be

foreach($Computer in $ComputerName)
{

your code here

}

Monday, August 21, 2017 1:55 PM

Reply

|

Quote
0

Sign in to vote

this is my code:

Import-module ActiveDirectory

$ComputerName = ( Get-ADComputer -Filter { DNSHostName -Like '*' } | Select -Expand Name )

foreach($Computer in $ComputerName) {

   $Shares = Get-WmiObject -Class Win32_LogicalShareSecuritySetting -ComputerName $Computer}

foreach($Share in $Shares)

    { $OutputObj = New-Object –TypeName PSObject –Prop (@{ 'ComputerName'=$Computer; 'ShareName' = $Share.Name; 'Status'=$Status; 'EveryOneFullControl'=$false }) $OutputObj.ShareName = $Share.Name $Permissions = $Share.GetSecurityDescriptor()

foreach($perm in $Permissions.Descriptor.DACL)

{

    if($Perm.Trustee.Name -eq "EveryOne" -and $Perm.AccessMask -eq "2032127" -and $Perm.AceType -eq 0) { $OutputObj.EveryOneFullControl = $true } else { } } $OutputObj $OutputArray +=$OutputObj } } } end { if($OutputDir) { $File = Join-Path $OutputDir ("SharePermissions {0}.log" -f $(Get-Date -Format("MMddyyyyHHmmss"))) $File $OutputArray | ? {$_.EveryOneFullControl}| % { "\\{0}\{1}" -f $_.ComputerName, $_.ShareName | Out-File -FilePath $File -Force } } }

}

Monday, August 21, 2017 2:01 PM

Reply

|

Quote
0

Sign in to vote

Unexpected token 'OutputArray' in expression or statement.
At D:\users\lorenzo_zilli\Desktop\Networkshare.ps1:9 char:181
+     if($Perm.Trustee.Name -eq "EveryOne" -and $Perm.AccessMask -eq "2032127" -and $Perm.AceType -eq 0) { $OutputObj.E
veryOneFullControl = $true } else { } } $OutputObj $OutputArray <<<< +=$OutputObj } } } end { if($OutputDir) { $File =
Join-Path $OutputDir ("SharePermissions {0}.log" -f $(Get-Date -Format("MMddyyyyHHmmss"))) $File $OutputArray | ? {$_.
EveryOneFullControl}| % { "\\{0}\{1}" -f $_.ComputerName, $_.ShareName | Out-File -FilePath $File -Force } } }
    + CategoryInfo          : ParserError: (OutputArray:String) [], ParseException
    + FullyQualifiedErrorId : UnexpectedToken

Monday, August 21, 2017 2:01 PM

Reply

|

Quote
0

Sign in to vote
Please read this first:

This forum is for scripting questions rather than script requests

One of the bullet points reads as follows:

I have posted my 500-line script. Can someone find that elusive bug and fix it for me?

If you didn't write the code, please ask the code's author for assistance.
-- Bill Stewart [Bill_Stewart]
Monday, August 21, 2017 2:10 PM

Reply

|

Quote

Asked by:

List all shares with Everyone having FullControl access

General discussion

All replies