Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Need a PowerShell script to list shares and share permissions residing on a remote server

Posted on 2008-10-24
4
Medium Priority
?
7,132 Views
Last Modified: 2012-06-27
I'm a VERY new user to powerShell and would like to get a listing of the shares and share permissions on remote servers.  I know the start is "Get-WMIObject Win32_Share -computername myserver" but beyond that I haven't been successful.  What I'm looking for is something like the following:
Sharename
User1 - modify
User2 - readOnly
Domain Admins - full

0
Comment
Question by:Diannec
  • 2
4 Comments
 
LVL 18

Expert Comment

by:BSonPosh
ID: 22799791
Do you want NTFS permissions or Share permissions?
0
 

Author Comment

by:Diannec
ID: 22802735
right now I'm looking for Share permissions
0
 
LVL 18

Accepted Solution

by:
BSonPosh earned 750 total points
ID: 22812843
Ah... that is quite another beast.

unfortunately, I believe you need to rely on an external app for this one

rmtshare (from NT 4.0 reskit)

This assumes rmtshare is in your path.
$results = rmtshare.exe $share
$results | ?{$_ -match "\w+\\.+\:"}

Open in new window

0
 

Expert Comment

by:sonytechsoft
ID: 25578846
I found a webpage describing solution without relying on external tools here:

http://www.highorbit.co.uk/?p=972

Examples:
PS C:\> Get-ShareACL Test
PS C:\> (Get-ShareACL Test).Access


function Get-ShareACL {
  Param(
    [String]$Name = "%",
    [String]$Computer = $Env:ComputerName
  )
 
  $Shares = @() 
  Get-WMIObject Win32_Share `
    -Computer $Computer -Filter "Name LIKE '$Name'" | `
    %{
      $Access = @();
      If ($_.Type -eq 0) {
        $SD = (Get-WMIObject -Class Win32_LogicalShareSecuritySetting `
          -Computer $Computer `
          -Filter "Name='$($_.Name)'").GetSecurityDescriptor().Descriptor
        $SD.DACL | %{
          $Trustee = $_.Trustee.Name
          If ($_.Trustee.Domain -ne $Null) { $Trustee = "$($_.Trustee.Domain)\$Trustee" }
          $Access += New-Object System.Security.AccessControl.FileSystemAccessRule( `
            $Trustee, $_.AccessMask, $_.AceType)
        }
      }
      $Shares += $_ | Select-Object Name, Path, Description, Caption, `
        @{n='Type';e={ Switch ($_.Type) {
          0 { "Disk Drive" }
          1 { "Print Queue" }
          2 { "Device" }
          2147483648 { "Disk Drive Admin" }
          2147483649 { "Print Queue Admin" }
          2147483650 { "Device Admin" }
          2147483651 { "IPC Admin" } }} }, `
        MaximumAllowed, AllowMaximum, Status, InstallDate, `
        @{n='Access';e={ $Access }}
  }
  Return $Shares
}

Open in new window

0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Previously, on our Nano Server Deployment series, we've created a new nano server image and deployed it on a physical server in part 2. Now we will go through configuration.
Measuring Server's processing rate with a simple powershell command. The differences in processing rate also was recorded in different use-cases, when a server in free and busy states.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Screencast - Getting to Know the Pipeline

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question