Solved

Need a PowerShell script to list shares and share permissions residing on a remote server

Posted on 2008-10-24
4
6,989 Views
Last Modified: 2012-06-27
I'm a VERY new user to powerShell and would like to get a listing of the shares and share permissions on remote servers.  I know the start is "Get-WMIObject Win32_Share -computername myserver" but beyond that I haven't been successful.  What I'm looking for is something like the following:
Sharename
User1 - modify
User2 - readOnly
Domain Admins - full

0
Comment
Question by:Diannec
  • 2
4 Comments
 
LVL 18

Expert Comment

by:BSonPosh
ID: 22799791
Do you want NTFS permissions or Share permissions?
0
 

Author Comment

by:Diannec
ID: 22802735
right now I'm looking for Share permissions
0
 
LVL 18

Accepted Solution

by:
BSonPosh earned 250 total points
ID: 22812843
Ah... that is quite another beast.

unfortunately, I believe you need to rely on an external app for this one

rmtshare (from NT 4.0 reskit)

This assumes rmtshare is in your path.
$results = rmtshare.exe $share
$results | ?{$_ -match "\w+\\.+\:"}

Open in new window

0
 

Expert Comment

by:sonytechsoft
ID: 25578846
I found a webpage describing solution without relying on external tools here:

http://www.highorbit.co.uk/?p=972

Examples:
PS C:\> Get-ShareACL Test
PS C:\> (Get-ShareACL Test).Access


function Get-ShareACL {
  Param(
    [String]$Name = "%",
    [String]$Computer = $Env:ComputerName
  )
 
  $Shares = @() 
  Get-WMIObject Win32_Share `
    -Computer $Computer -Filter "Name LIKE '$Name'" | `
    %{
      $Access = @();
      If ($_.Type -eq 0) {
        $SD = (Get-WMIObject -Class Win32_LogicalShareSecuritySetting `
          -Computer $Computer `
          -Filter "Name='$($_.Name)'").GetSecurityDescriptor().Descriptor
        $SD.DACL | %{
          $Trustee = $_.Trustee.Name
          If ($_.Trustee.Domain -ne $Null) { $Trustee = "$($_.Trustee.Domain)\$Trustee" }
          $Access += New-Object System.Security.AccessControl.FileSystemAccessRule( `
            $Trustee, $_.AccessMask, $_.AceType)
        }
      }
      $Shares += $_ | Select-Object Name, Path, Description, Caption, `
        @{n='Type';e={ Switch ($_.Type) {
          0 { "Disk Drive" }
          1 { "Print Queue" }
          2 { "Device" }
          2147483648 { "Disk Drive Admin" }
          2147483649 { "Print Queue Admin" }
          2147483650 { "Device Admin" }
          2147483651 { "IPC Admin" } }} }, `
        MaximumAllowed, AllowMaximum, Status, InstallDate, `
        @{n='Access';e={ $Access }}
  }
  Return $Shares
}

Open in new window

0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Synchronize a new Active Directory domain with an existing Office 365 tenant
This article explains how to prepare an HTML email signature template file containing dynamic placeholders for users' Azure AD data. Furthermore, it explains how to use this file to remotely set up a department-wide email signature policy in Office …
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question