Solved

Need help in modifying Powershell script to list all File shares with everyone permission

Posted on 2016-09-07
2
82 Views
Last Modified: 2016-09-07
People,

I've found this script to search through the multiple lines of OU of any Server shares with Everyone permission granted. Butsomehow it doesn't work anymore ?

#OU Locations, make sure the index is in order, 1, 2, 3, etc. 
#you cannot have 3 without 2, etc. 
$ous = @{} 
$ous[1] = 'LDAP://OU=Test OU,DC=domain,DC=com' 
$ous[2] = 'LDAP://OU=Production Servers,OU=Servers,DC=domain,DC=com' 
$ous[3] = 'LDAP://CN=Computers,DC=domain,DC=com' 

#set logfile directory 
$script:logfile = "C:\TEMP\everyoneshares.txt" 

#This pulls all computer accounts from AD 
function getresults($path,$cert) { 
	$objDomain = New-Object System.DirectoryServices.DirectoryEntry 
	$objSearcher = New-Object System.DirectoryServices.DirectorySearcher 
	$objSearcher.SearchRoot = New-Object System.DirectoryServices.DirectoryEntry($path) 
	$objSearcher.PageSize = 1000 

	# How many to retrieve at a time. Not output size. 
	$objSearcher.Filter = $strFilter 
	$objSearcher.PropertiesToLoad.Add("cn") >$null 
	$colResults = $objSearcher.FindAll() 

		foreach ($objResult in $colResults) { 
			$objItem = $objResult.Properties 
            $computer = $objItem.cn[0] 
			$computer = $objItem.cn 
            $script:comps += $computer 
		} 
} 

#This runs the getresults function for each OU supplied above 
$script:comps = @() 
foreach ($ou in 1 .. $ous.Count) { 
	if ($ous.$ou) { 
		$strFilter = "(&(objectClass=Computer))" 
		getresults $ous.$ou 
	} 
} 

$comps = $script:comps | Sort name $script:mylist = @() write-host `n 

foreach ($comp in $comps) {
#1 
	#here's where we actually pull each share from the current computer 
	$shares = gwmi Win32_LogicalShareSecuritySetting -co $comp -erroraction silentlycontinue | ? {$_.Name -notlike "*$"} if ($shares) {
	#2 
		foreach ($share in $shares){
		#3 
			$SecurityDescriptor = $Share.GetSecurityDescriptor() 
            ForEach ($DACL in $SecurityDescriptor.Descriptor.DACL) {
			#4 
				$myshare = "" | Select Server, Share, ID, AccessMask 
				$myshare.Server = $comp 
				$myshare.Share = $share.name 
				$myshare.ID = $DACL.Trustee.Name 
				Switch ($DACL.AccessMask) {
				#5 
					2032127 {$AccessMask = "FullControl"} 
					1179785 {$AccessMask = "Read"} 
					1180063 {$AccessMask = "Read, Write"} 
					1179817 {$AccessMask = "ReadAndExecute"} 
					-1610612736 {$AccessMask = "ReadAndExecuteExtended"} 
					1245631 {$AccessMask = "ReadAndExecute, Modify, Write"} 
					1180095 {$AccessMask = "ReadAndExecute, Write"} 
					268435456 {$AccessMask = "FullControl (Sub Only)"} 
					default {$AccessMask = $DACL.AccessMask} 
				}
				#5 
				$myshare.AccessMask = $AccessMask 
				if (($AccessMask -eq "FullControl") -AND ($myshare.ID -eq "Everyone")){
					$script:mylist += $myshare
				} Clear-Variable AccessMask -ErrorAction SilentlyContinue 
			}#4 
		}#3 
	}#2 
}#1 
$mylist | out-file $script:logfile 
$count = $mylist.count 
write-output `n "found $count shares where Everyone was given FullControl" | out-file $script:logfile -append write-host `n

Open in new window


This is the error message that I got:

Sort-Object : A positional parameter cannot be found that accepts argument '$null'.
At line:42 char:26
+ $comps = $script:comps | Sort name $script:mylist = @() write-host `n
+                          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Sort-Object], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.SortObjectCommand
 
Where-Object : A positional parameter cannot be found that accepts argument 'if'.
At line:47 char:93
+ ... roraction silentlycontinue | ? {$_.Name -notlike "*$"} if ($shares) {
+                                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Where-Object], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.WhereObjectCommand

.....

few hundred lines.... the same as above.

.....

Where-Object : A positional parameter cannot be found that accepts argument 'if'.
At line:47 char:93
+ ... roraction silentlycontinue | ? {$_.Name -notlike "*$"} if ($shares) {
+                                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Where-Object], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.WhereObjectCommand
 
 
Out-File : Cannot validate argument on parameter 'Encoding'. The argument "write-host" does not belong to the set "unknown,string,unicode,bigendianunicode,utf8,utf7,utf32,ascii,default,oem" specified by the ValidateSet attribute. Supply an argument that is 
in the set and then try the command again.
At line:81 char:111
+ ... s given FullControl" | out-file $script:logfile -append write-host `n
+                                                             ~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Out-File], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.OutFileCommand

Open in new window


So any help would be greatly appreciated.

Thanks,
0
Comment
2 Comments
 
LVL 39

Accepted Solution

by:
footech earned 500 total points
ID: 41789044
You're missing some line breaks.  The line numbers above don't match up with the error messages.  Line 40 should be like
$comps = $script:comps | Sort name
$script:mylist = @()
write-host `n

Open in new window

And line 45 should have a line break before the If statement.
0
 
LVL 7

Author Closing Comment

by:Senior IT System Engineer
ID: 41789097
THanks !
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
Learn how to PXE Boot both BIOS & UEFI machines with DHCP Policies and Custom Vendor Classes
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question