Solved

Need a PowerShell script to list shares and share permissions residing on a remote server

Posted on 2008-10-24
4
6,965 Views
Last Modified: 2012-06-27
I'm a VERY new user to powerShell and would like to get a listing of the shares and share permissions on remote servers.  I know the start is "Get-WMIObject Win32_Share -computername myserver" but beyond that I haven't been successful.  What I'm looking for is something like the following:
Sharename
User1 - modify
User2 - readOnly
Domain Admins - full

0
Comment
Question by:Diannec
  • 2
4 Comments
 
LVL 18

Expert Comment

by:BSonPosh
ID: 22799791
Do you want NTFS permissions or Share permissions?
0
 

Author Comment

by:Diannec
ID: 22802735
right now I'm looking for Share permissions
0
 
LVL 18

Accepted Solution

by:
BSonPosh earned 250 total points
ID: 22812843
Ah... that is quite another beast.

unfortunately, I believe you need to rely on an external app for this one

rmtshare (from NT 4.0 reskit)

This assumes rmtshare is in your path.
$results = rmtshare.exe $share

$results | ?{$_ -match "\w+\\.+\:"}

Open in new window

0
 

Expert Comment

by:sonytechsoft
ID: 25578846
I found a webpage describing solution without relying on external tools here:

http://www.highorbit.co.uk/?p=972

Examples:
PS C:\> Get-ShareACL Test
PS C:\> (Get-ShareACL Test).Access


function Get-ShareACL {

  Param(

    [String]$Name = "%",

    [String]$Computer = $Env:ComputerName

  )

 

  $Shares = @() 

  Get-WMIObject Win32_Share `

    -Computer $Computer -Filter "Name LIKE '$Name'" | `

    %{

      $Access = @();

      If ($_.Type -eq 0) {

        $SD = (Get-WMIObject -Class Win32_LogicalShareSecuritySetting `

          -Computer $Computer `

          -Filter "Name='$($_.Name)'").GetSecurityDescriptor().Descriptor

        $SD.DACL | %{

          $Trustee = $_.Trustee.Name

          If ($_.Trustee.Domain -ne $Null) { $Trustee = "$($_.Trustee.Domain)\$Trustee" }

          $Access += New-Object System.Security.AccessControl.FileSystemAccessRule( `

            $Trustee, $_.AccessMask, $_.AceType)

        }

      }

      $Shares += $_ | Select-Object Name, Path, Description, Caption, `

        @{n='Type';e={ Switch ($_.Type) {

          0 { "Disk Drive" }

          1 { "Print Queue" }

          2 { "Device" }

          2147483648 { "Disk Drive Admin" }

          2147483649 { "Print Queue Admin" }

          2147483650 { "Device Admin" }

          2147483651 { "IPC Admin" } }} }, `

        MaximumAllowed, AllowMaximum, Status, InstallDate, `

        @{n='Access';e={ $Access }}

  }

  Return $Shares

}

Open in new window

0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

This script checks a path to see if a folder exists. If the folder does exist you will get output "The folder has previously been created. No action taken" If not it will create the folder. Then adds one user modify permission to the folder. It …
How to sign a powershell script so you can prevent tampering, and only allow users to run authorised Powershell scripts
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now