The PowerShell script described in this article allows you to find network shares on remote computers with permissions set to Full Control for the security group Everyone.

Sitaram Pamarthi

Sitaram Pamarthi is working as a Windows Engineer and his special fields of interest are PowerShell, Active Directory, Exchange, and virtualization.

Admins are often engaged in security audit activities. One common action item is to find all network shares with Full Control to Everyone and remove those permissions. Some tools are available on the Internet to do this, but a PowerShell script can be easily adapted for your purposes.

PowerShell script description

The PowerShell script described uses the Win32_LogicalShareSecuritySetting WMI class to query shares and their share permissions. The script returns a list of objects with details about each share and the security permissions set. The following command queries the shares:

Once the script has gathered information about the shares, it processes each share in the list and queries its name and security descriptor details. With this collected data, the script creates a new PSObject with the details we are interested in. The share name is a direct property ($Share.Name) of the object returned from the WMI query. Collecting security information is a little more complex.

The script uses the GetSecurityDescriptor() method of the share object to get the security permissions list. The returned security permissions are again objects derived from the Win32_ACE WMI class. These security objects contain information about the account (user or domain) that has access to the share, the access mask (Full Control, Read, Write), and the access type (Allow/Deny/Audit). The script verifies the shares where the security group Everyone has Full Control permissions using the following IF condition:
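
The approach described in this section, as an added example that is not the article's own script. It assumes Windows PowerShell with Get-WmiObject; the function name Get-EveryoneFullControlShare is hypothetical, and matching Everyone by its well-known SID (S-1-1-0) and Full Control by the access mask 2032127 are choices made for this example.

```powershell
# Added example; Get-EveryoneFullControlShare is a hypothetical name.
# Assumes Windows PowerShell (Get-WmiObject) and WMI access to each target.
function Get-EveryoneFullControlShare {
    [CmdletBinding()]
    param(
        [Parameter(ValueFromPipeline = $true)]
        [string[]]$ComputerName = $env:COMPUTERNAME
    )
    begin {
        $FullControl = 2032127    # 0x1F01FF: Full Control share access mask
        $AllowAce    = 0          # Win32_ACE.AceType: 0 = Allow, 1 = Deny, 2 = Audit
        $EveryoneSid = 'S-1-1-0'  # well-known SID of Everyone (the name is localized)
    }
    process {
        foreach ($Computer in $ComputerName) {
            try {
                # @() keeps an empty result from looping once over $null on PowerShell 2.0
                $Shares = @(Get-WmiObject -Class Win32_LogicalShareSecuritySetting `
                    -ComputerName $Computer -ErrorAction Stop)
            } catch {
                Write-Warning "Query failed on ${Computer}: $_"
                continue
            }
            foreach ($Share in $Shares) {
                $Result = $Share.GetSecurityDescriptor()
                if ($Result.ReturnValue -ne 0) {
                    Write-Warning "No descriptor for \\$Computer\$($Share.Name)"
                    continue
                }
                $Hit = $false
                foreach ($Ace in $Result.Descriptor.DACL) {
                    # Allow ACE for Everyone whose mask includes every Full Control bit
                    if ($Ace.Trustee.SIDString -eq $EveryoneSid -and
                        $Ace.AceType -eq $AllowAce -and
                        ($Ace.AccessMask -band $FullControl) -eq $FullControl) {
                        $Hit = $true
                    }
                }
                New-Object -TypeName PSObject -Property @{
                    ComputerName        = $Computer
                    ShareName           = $Share.Name
                    EveryOneFullControl = $Hit
                }
            }
        }
    }
}
```

Piping names in, for instance `'PC1' | Get-EveryoneFullControlShare | Where-Object { $_.EveryOneFullControl }`, returns only the shares that need remediation. Like the script in the article, this inspects share permissions only, not NTFS permissions.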

Input

The script takes two arguments:

  • ComputerName: Name of the computer(s) on which you want to find the shares with Everyone having Full Control. You can pass computer name(s) or pipe the input to the script. See the Usage Examples section for some examples.
  • OutputDir: This is an optional parameter. By default, the script displays the output in Object format. If you want to get the list of shares where Everyone has Full Control in a single text file, specify the path of the folder where you need this file. When this parameter is specified, the script generates the list of shares and saves the details in a file called “Share Permissions <datetime>.log” in the folder you specified.

Output

By default, the script generates a table with three columns: EveryOneFullControl, ComputerName, and ShareName. The EveryOneFullControl column indicates whether a given share is configured with Everyone having Full Control or not. If so, the value is set to $true; if not, it is set to $false. The ComputerName column specifies the computer name on which the share is present. The ShareName column identifies the name of the share. For example:

PowerShell script output - Security group Everyone has Full Control permissions


Usage Examples:

Find shares with Everyone having Full Control on a remote computer called PC1:

Do the same operation (#1) on multiple computers:

Read server names from a text file and query for share details:

Save share details where Everyone has Full Control in a text file:

Download the PowerShell script

17 Comments
  1. Uma 7 years ago

    Thanks for the script. It helped me.

    0

  2. Shekhar 6 years ago

    How can I do it for a subnet, i.e. 172.16.3.1 to 172.16.3.254?

    1+

  3. tmac 4 years ago

    Shekhar asks a good question, I know it was 2 years ago but can someone answer it?

    0

  4. HonzaScripter 4 years ago

    In reply to Shekhar's question, you can simply swap in the IP addresses instead of computer names.

    0

  5. Eugen 4 years ago

    How to filter only shared folders? It lists printers too.

    Thanks!

    0

  6. Marc 3 years ago

    Nice script!!!

    Is it possible to scan a domain?

    0

  7. nirav shah 3 years ago

     

    New-Object : A positional parameter cannot be found that accepts argument '鳳rop'.
    At C:\nirav\sadmin\share_folder_permission.ps1:12 char:16
    + $OutputObj = New-Object 傍ypeName PSObject 鳳rop (@{
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidArgument: (:) [New-Object], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.NewObjectCommand

    New-Object : A positional parameter cannot be found that accepts argument '鳳rop'.
    At C:\nirav\sadmin\share_folder_permission.ps1:56 char:17
    + $OutputObj = New-Object 傍ypeName PSObject 鳳rop (@{
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidArgument: (:) [New-Object], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.NewObjectCommand

    The property 'ShareName' cannot be found on this object. Verify that the property exists and can be set.
    At C:\nirav\sadmin\share_folder_permission.ps1:62 char:4
    + $OutputObj.ShareName = $Share.Name
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : PropertyNotFound

    The property 'EveryOneFullControl' cannot be found on this object. Verify that the property exists and can be set.
    At C:\nirav\sadmin\share_folder_permission.ps1:66 char:6
    + $OutputObj.EveryOneFullControl = $true
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : PropertyNotFound

    0

  8. Omar 3 years ago

    .\Get-Content c:\servers.txt | .\Get-NetworkShares.ps1

    This command uses two scripts, Get-NetworkShares.ps1 and .\Get-Content?

    Where to get ".\Get-Content" script?

    0

    • Michael Pietroforte 3 years ago

      Get-Content is not a script, it is a cmdlet that comes with PowerShell. You can find more information about the cmdlet here.

      0

  9. Mani 3 years ago

    This Script provides output only for Sharing permissions not NTFS/Security Permission.

    Script should check both Sharing and NTFS permissions and then should give output with effective permissions.

    3+

  10. Lorenzo 2 years ago

    It's too new for me. Is there a way to make it with PowerShell 2.0?

    Thanks.

    0

    • Luc Fullenwarth 2 years ago

      @Lorenzo

      Microsoft is going to deprecate PowerShell 2.0 in the next release of Windows 10 and probably also Windows Server 2016.
      If you want to "survive" in IT you must work with the newest technologies every time it's possible.

      Since Windows 8 and Windows Server 2012 we have a new cmdlet to achieve all this even easier.

      Please have a look at the Get-SmbShareAccess cmdlet.

      https://technet.microsoft.com/en-us/library/jj635711(v=wps.630).aspx

      0

  11. Lorenzo 2 years ago

    I have an old infrastructure with most of the operating systems on PowerShell 2.0 and Windows Server 2008 R2. I need a solution.

    0

  12. Lorenzo 2 years ago

    Luc, I have an old infrastructure with Windows Server 2008 R2. I need a solution for this type of OS and PowerShell 2.0.
    Sorry.

    0

    • Luc Fullenwarth 2 years ago

      @Lorenzo

      Do you know that you can install PowerShell 5.1 on Windows Server 2008 R2?
      Although you won't have the Get-SmbShareAccess cmdlet, you will have plenty of other improvements.

      To come back to your initial need, if you have only PowerShell 2.0 you have to pass through the knowledge of the article above to manage share permissions. Unfortunately, there is no easier method.

      0

  13. anil 7 months ago

    How to get the full physical path within this script?

    0

    • Swapnil Kambli 7 months ago

      Hi Anil,

      Within the script's shares loop, you can use the Path property to get the physical path of the share.

      1+



© 4sysops 2006 - 2019
