windows, powershell, acl

Powershell script to enumerate open file shares along with their shared permissions


I need some help writing a PowerShell script to enumerate all open file shares, along with their share permissions, in an organization. So far I have tried the script below, but I am having trouble with the share permissions.

# Collect every computer object from Active Directory.
# NOTE(review): "select Name" keeps objects that carry a Name property, not plain
# strings; -ExpandProperty Name would give the strings -ComputerName expects.
$ComputersNames = Get-ADComputer -Filter * | select Name

# Accumulates one UNC path (\\computer\share) per discovered share.
$FileShares = New-Object "System.Collections.Generic.List[string]"

# NOTE(review): the single quotes make '$ComputersNames' a literal string, so this
# loop runs once with the text "$ComputersNames" instead of once per computer.
foreach ($ComputerName in '$ComputersNames')
{ 
    # NOTE(review): no catch/finally block is visible; the snippet is cut off
    # before the try, if and foreach bodies are closed.
    try 
    {
        # Single 32-byte ping; -Quiet returns a boolean. Hosts that do not answer
        # the ping are skipped by the check below.
        $connected = (Test-Connection -BufferSize 32 -Count 1 -ComputerName $ComputerName -Quiet -ErrorAction Ignore)
       
        if ($connected)
        {
            
            # Parse the text output of "net view": drop the first 7 lines, keep lines
            # matching the regex 'disk*', then capture the text before the type column.
            # NOTE(review): 'disk*' / 'Disk*' mean "dis" followed by zero or more "k",
            # so any line containing "dis" passes the filter.
            $Shares = net view \\$ComputerName /all 2>&1 | select-object -Skip 7 |  ?{$_ -match 'disk*'} | %{$_ -match '^(.+?)\s+Disk*'|out-null;$matches[1]} 

            foreach ($Share in $Shares)
            {                                          
                # Record the share as a UNC path; no permission data is collected here.
                $line = "\\$ComputerName\$Share"
                $FileShares.Add($line)   

I know that to list the share permissions for the open shares I have to use something similar to the command below, but I can't work out how to use it in the script to enumerate all open shares on all the computers.

# Runs Get-SmbShare on the remote computer (name redacted as ****) and expands the
# PresetPathAcl property of each share it returns.
# NOTE(review): Get-SmbShareAccess is the cmdlet that lists share-level access entries
# (account, allow/deny, right); confirm PresetPathAcl is the permission view you need.
Invoke-Command -ComputerName **** -ScriptBlock {Get-SmbShare } | Select -ExpandProperty PresetPathAcl

Solution

  • Try the following. You can add as many properties as you want to $newRow in the foreach loop.

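    # Builds one row per computer, with one extra property per disk share found on it.
    #
    # -ExpandProperty returns plain name strings; "select Name" returns objects that
    # do not work as a -ComputerName value.
    # -Filter * also returns disabled and stale computer accounts; narrow the filter
    # or the search base if the report should cover only live machines.
    $ComputersNames = Get-ADComputer -Filter * | Select-Object -ExpandProperty Name

    $FileShares = [System.Collections.Generic.List[pscustomobject]]::new()

    # No quotes around the variable: '$ComputersNames' in single quotes is a literal
    # string and would make the loop run exactly once.
    foreach ($ComputerName in $ComputersNames)
    {
        $newRow = New-Object -TypeName psobject
        $newRow | Add-Member -NotePropertyName 'Computer Name' -NotePropertyValue $ComputerName
        try
        {
            # Hosts that drop ICMP are treated as offline and get a row with no shares,
            # even if SMB is reachable.
            $connected = (Test-Connection -BufferSize 32 -Count 1 -ComputerName $ComputerName -Quiet -ErrorAction Ignore)

            if ($connected)
            {
                # Parsing "net view" text is fragile: the header length and the word
                # "Disk" depend on the OS language, and share names containing spaces
                # are truncated by the lazy capture.
                # Emit the capture only when the line matched, so a stale $Matches value
                # from a previous line is never reused.
                $Shares = net view \\$ComputerName /all 2>&1 |
                    Select-Object -Skip 7 |
                    ForEach-Object { if ("$_" -match '^(.+?)\s+Disk\b') { $Matches[1] } }

                foreach ($Share in $Shares)
                {
                    # Add-Member fails when the property name already exists, so the
                    # name must be unique per share.
                    $newRow | Add-Member -NotePropertyName "Share: $Share" -NotePropertyValue "\\$ComputerName\$Share"
                }
            }
        }
        catch
        {
            # A try block needs a catch or finally to parse; report and keep going.
            Write-Warning "Failed to enumerate shares on ${ComputerName}: $($_.Exception.Message)"
        }
        # The row is added even for unreachable computers, so the report lists every host.
        $FileShares.Add($newRow)
    }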
    

    Here is another solution moving the code around a little bit

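    # Builds one row per share access entry: computer, share UNC path, account, allow/deny, right.
    # Uniform columns make the result easy to filter (for example on broad groups such
    # as Everyone) and to export.
    #
    # -ExpandProperty returns plain name strings; "select Name" returns objects that
    # do not work as a -ComputerName value.
    $ComputersNames = Get-ADComputer -Filter * | Select-Object -ExpandProperty Name

    $FileShares = [System.Collections.Generic.List[pscustomobject]]::new()

    # No quotes around the variable: '$ComputersNames' in single quotes is a literal
    # string and would make the loop run exactly once.
    foreach ($ComputerName in $ComputersNames)
    {
        try
        {
            # Hosts that drop ICMP are skipped even if SMB is reachable.
            $connected = (Test-Connection -BufferSize 32 -Count 1 -ComputerName $ComputerName -Quiet -ErrorAction Ignore)

            if ($connected)
            {
                # Parsing "net view" text is fragile: the header length and the word
                # "Disk" depend on the OS language, and share names containing spaces
                # are truncated by the lazy capture.
                $Shares = net view \\$ComputerName /all 2>&1 |
                    Select-Object -Skip 7 |
                    ForEach-Object { if ("$_" -match '^(.+?)\s+Disk\b') { $Matches[1] } }

                foreach ($Share in $Shares)
                {
                    try
                    {
                        # Share-level ACL only. Effective access is also limited by the
                        # NTFS ACL on the shared folder, which is not collected here.
                        # Requires PowerShell remoting to be enabled on the target.
                        $Access = Invoke-Command -ComputerName $ComputerName -ErrorAction Stop -ScriptBlock {
                            Get-SmbShareAccess -Name $using:Share
                        }
                    }
                    catch
                    {
                        Write-Warning "Could not read permissions of \\$ComputerName\${Share}: $($_.Exception.Message)"
                        continue
                    }

                    foreach ($Ace in $Access)
                    {
                        $newRow = [pscustomobject]@{
                            'Computer Name' = $ComputerName
                            'Share'         = "\\$ComputerName\$Share"
                            'Account'       = $Ace.AccountName
                            'Access Type'   = $Ace.AccessControlType
                            'Access Right'  = $Ace.AccessRight
                        }
                        $FileShares.Add($newRow)
                    }
                }
            }
        }
        catch
        {
            # A try block needs a catch or finally to parse; report and keep going.
            Write-Warning "Failed to enumerate shares on ${ComputerName}: $($_.Exception.Message)"
        }
    }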