Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Need help in modifying Powershell script to list all File shares with everyone permission

Posted on 2016-09-07
2
Medium Priority
?
192 Views
Last Modified: 2016-09-07
People,

I've found this script to search through the multiple lines of OU of any Server shares with Everyone permission granted. Butsomehow it doesn't work anymore ?

#OU Locations, make sure the index is in order, 1, 2, 3, etc. 
#you cannot have 3 without 2, etc. 
$ous = @{} 
$ous[1] = 'LDAP://OU=Test OU,DC=domain,DC=com' 
$ous[2] = 'LDAP://OU=Production Servers,OU=Servers,DC=domain,DC=com' 
$ous[3] = 'LDAP://CN=Computers,DC=domain,DC=com' 

#set logfile directory 
$script:logfile = "C:\TEMP\everyoneshares.txt" 

#This pulls all computer accounts from AD 
function getresults($path,$cert) { 
	$objDomain = New-Object System.DirectoryServices.DirectoryEntry 
	$objSearcher = New-Object System.DirectoryServices.DirectorySearcher 
	$objSearcher.SearchRoot = New-Object System.DirectoryServices.DirectoryEntry($path) 
	$objSearcher.PageSize = 1000 

	# How many to retrieve at a time. Not output size. 
	$objSearcher.Filter = $strFilter 
	$objSearcher.PropertiesToLoad.Add("cn") >$null 
	$colResults = $objSearcher.FindAll() 

		foreach ($objResult in $colResults) { 
			$objItem = $objResult.Properties 
            $computer = $objItem.cn[0] 
			$computer = $objItem.cn 
            $script:comps += $computer 
		} 
} 

#This runs the getresults function for each OU supplied above 
$script:comps = @() 
foreach ($ou in 1 .. $ous.Count) { 
	if ($ous.$ou) { 
		$strFilter = "(&(objectClass=Computer))" 
		getresults $ous.$ou 
	} 
} 

$comps = $script:comps | Sort name $script:mylist = @() write-host `n 

foreach ($comp in $comps) {
#1 
	#here's where we actually pull each share from the current computer 
	$shares = gwmi Win32_LogicalShareSecuritySetting -co $comp -erroraction silentlycontinue | ? {$_.Name -notlike "*$"} if ($shares) {
	#2 
		foreach ($share in $shares){
		#3 
			$SecurityDescriptor = $Share.GetSecurityDescriptor() 
            ForEach ($DACL in $SecurityDescriptor.Descriptor.DACL) {
			#4 
				$myshare = "" | Select Server, Share, ID, AccessMask 
				$myshare.Server = $comp 
				$myshare.Share = $share.name 
				$myshare.ID = $DACL.Trustee.Name 
				Switch ($DACL.AccessMask) {
				#5 
					2032127 {$AccessMask = "FullControl"} 
					1179785 {$AccessMask = "Read"} 
					1180063 {$AccessMask = "Read, Write"} 
					1179817 {$AccessMask = "ReadAndExecute"} 
					-1610612736 {$AccessMask = "ReadAndExecuteExtended"} 
					1245631 {$AccessMask = "ReadAndExecute, Modify, Write"} 
					1180095 {$AccessMask = "ReadAndExecute, Write"} 
					268435456 {$AccessMask = "FullControl (Sub Only)"} 
					default {$AccessMask = $DACL.AccessMask} 
				}
				#5 
				$myshare.AccessMask = $AccessMask 
				if (($AccessMask -eq "FullControl") -AND ($myshare.ID -eq "Everyone")){
					$script:mylist += $myshare
				} Clear-Variable AccessMask -ErrorAction SilentlyContinue 
			}#4 
		}#3 
	}#2 
}#1 
$mylist | out-file $script:logfile 
$count = $mylist.count 
write-output `n "found $count shares where Everyone was given FullControl" | out-file $script:logfile -append write-host `n

Open in new window


This is the error message that I got:

Sort-Object : A positional parameter cannot be found that accepts argument '$null'.
At line:42 char:26
+ $comps = $script:comps | Sort name $script:mylist = @() write-host `n
+                          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Sort-Object], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.SortObjectCommand
 
Where-Object : A positional parameter cannot be found that accepts argument 'if'.
At line:47 char:93
+ ... roraction silentlycontinue | ? {$_.Name -notlike "*$"} if ($shares) {
+                                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Where-Object], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.WhereObjectCommand

.....

few hundred lines.... the same as above.

.....

Where-Object : A positional parameter cannot be found that accepts argument 'if'.
At line:47 char:93
+ ... roraction silentlycontinue | ? {$_.Name -notlike "*$"} if ($shares) {
+                                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Where-Object], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.WhereObjectCommand
 
 
Out-File : Cannot validate argument on parameter 'Encoding'. The argument "write-host" does not belong to the set "unknown,string,unicode,bigendianunicode,utf8,utf7,utf32,ascii,default,oem" specified by the ValidateSet attribute. Supply an argument that is 
in the set and then try the command again.
At line:81 char:111
+ ... s given FullControl" | out-file $script:logfile -append write-host `n
+                                                             ~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Out-File], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.OutFileCommand

Open in new window


So any help would be greatly appreciated.

Thanks,
0
Comment
2 Comments
 
LVL 41

Accepted Solution

by:
footech earned 2000 total points
ID: 41789044
You're missing some line breaks.  The line numbers above don't match up with the error messages.  Line 40 should be like
$comps = $script:comps | Sort name
$script:mylist = @()
write-host `n

Open in new window

And line 45 should have a line break before the If statement.
0
 
LVL 8

Author Closing Comment

by:Senior IT System Engineer
ID: 41789097
THanks !
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
It is a real story and is one of my scariest tech experiences. Most users think that IT experts like us know how to fix all computer problems. However, if there is a time constraint and you MUST not fail the task or you will lose your job, a simple …
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question