asked on Need help in modifying Powershell script to list all File shares with everyone permission
People,
I've found this script to search through the multiple lines of OU of any Server shares with Everyone permission granted. Butsomehow it doesn't work anymore ?
This is the error message that I got:
So any help would be greatly appreciated.
Thanks,
I've found this script to search through the multiple lines of OU of any Server shares with Everyone permission granted. Butsomehow it doesn't work anymore ?
#OU Locations, make sure the index is in order, 1, 2, 3, etc.
#you cannot have 3 without 2, etc.
$ous = @{}
$ous[1] = 'LDAP://OU=Test OU,DC=domain,DC=com'
$ous[2] = 'LDAP://OU=Production Servers,OU=Servers,DC=domain,DC=com'
$ous[3] = 'LDAP://CN=Computers,DC=domain,DC=com'
#set logfile directory
$script:logfile = "C:\TEMP\everyoneshares.txt"
#This pulls all computer accounts from AD
function getresults($path,$cert) {
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = New-Object System.DirectoryServices.DirectoryEntry($path)
$objSearcher.PageSize = 1000
# How many to retrieve at a time. Not output size.
$objSearcher.Filter = $strFilter
$objSearcher.PropertiesToLoad.Add("cn") >$null
$colResults = $objSearcher.FindAll()
foreach ($objResult in $colResults) {
$objItem = $objResult.Properties
$computer = $objItem.cn[0]
$computer = $objItem.cn
$script:comps += $computer
}
}
#This runs the getresults function for each OU supplied above
$script:comps = @()
foreach ($ou in 1 .. $ous.Count) {
if ($ous.$ou) {
$strFilter = "(&(objectClass=Computer))"
getresults $ous.$ou
}
}
$comps = $script:comps | Sort name $script:mylist = @() write-host `n
foreach ($comp in $comps) {
#1
#here's where we actually pull each share from the current computer
$shares = gwmi Win32_LogicalShareSecuritySetting -co $comp -erroraction silentlycontinue | ? {$_.Name -notlike "*$"} if ($shares) {
#2
foreach ($share in $shares){
#3
$SecurityDescriptor = $Share.GetSecurityDescriptor()
ForEach ($DACL in $SecurityDescriptor.Descriptor.DACL) {
#4
$myshare = "" | Select Server, Share, ID, AccessMask
$myshare.Server = $comp
$myshare.Share = $share.name
$myshare.ID = $DACL.Trustee.Name
Switch ($DACL.AccessMask) {
#5
2032127 {$AccessMask = "FullControl"}
1179785 {$AccessMask = "Read"}
1180063 {$AccessMask = "Read, Write"}
1179817 {$AccessMask = "ReadAndExecute"}
-1610612736 {$AccessMask = "ReadAndExecuteExtended"}
1245631 {$AccessMask = "ReadAndExecute, Modify, Write"}
1180095 {$AccessMask = "ReadAndExecute, Write"}
268435456 {$AccessMask = "FullControl (Sub Only)"}
default {$AccessMask = $DACL.AccessMask}
}
#5
$myshare.AccessMask = $AccessMask
if (($AccessMask -eq "FullControl") -AND ($myshare.ID -eq "Everyone")){
$script:mylist += $myshare
} Clear-Variable AccessMask -ErrorAction SilentlyContinue
}#4
}#3
}#2
}#1
$mylist | out-file $script:logfile
$count = $mylist.count
write-output `n "found $count shares where Everyone was given FullControl" | out-file $script:logfile -append write-host `n
This is the error message that I got:
Sort-Object : A positional parameter cannot be found that accepts argument '$null'.
At line:42 char:26
+ $comps = $script:comps | Sort name $script:mylist = @() write-host `n
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Sort-Object], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.SortObjectCommand
Where-Object : A positional parameter cannot be found that accepts argument 'if'.
At line:47 char:93
+ ... roraction silentlycontinue | ? {$_.Name -notlike "*$"} if ($shares) {
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Where-Object], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.WhereObjectCommand
.....
few hundred lines.... the same as above.
.....
Where-Object : A positional parameter cannot be found that accepts argument 'if'.
At line:47 char:93
+ ... roraction silentlycontinue | ? {$_.Name -notlike "*$"} if ($shares) {
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Where-Object], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.WhereObjectCommand
Out-File : Cannot validate argument on parameter 'Encoding'. The argument "write-host" does not belong to the set "unknown,string,unicode,bigendianunicode,utf8,utf7,utf32,ascii,default,oem" specified by the ValidateSet attribute. Supply an argument that is
in the set and then try the command again.
At line:81 char:111
+ ... s given FullControl" | out-file $script:logfile -append write-host `n
+ ~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Out-File], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.OutFileCommand
So any help would be greatly appreciated.
Thanks,
PowershellActive DirectoryScripting LanguagesShell ScriptingWindows OS
Last Comment
Albert Widjaja
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
THanks !