Hi Friends,

 

I need powershell script to dump all the shared folder and thier permission from serverlist.txt. the below code just giving me the shares but not the permissions.

$strComputer = gc C:\ps-test\serverlist.txt
foreach ($computer in $strComputer) {
$colItems = get-wmiobject -class "Win32_Share" -namespace "root\CIMV2" -computername $computer
foreach ($colItem in $colItems) {
$sharename = $colItem.Name
$share = "\\" + $computer + "\" + $sharename | Out-File C:\ps-test\result.txt -NoClobber -Append
$share
}
}

Function Get-NtfsRights($name,$path,$comp)
{
	$path = [regex]::Escape($path)
	$share = "\\$comp\$name"
	$wmi = gwmi Win32_LogicalFileSecuritySetting -filter "path='$path'" -ComputerName $comp
	$wmi.GetSecurityDescriptor().Descriptor.DACL | where {$_.AccessMask -as [Security.AccessControl.FileSystemRights]} |select `
				@{name="Principal";Expression={"{0}\{1}" -f $_.Trustee.Domain,$_.Trustee.name}},
				@{name="Rights";Expression={[Security.AccessControl.FileSystemRights] $_.AccessMask }},
				@{name="AceFlags";Expression={[Security.AccessControl.AceFlags] $_.AceFlags }},
				@{name="AceType";Expression={[Security.AccessControl.AceType] $_.AceType }},
				@{name="ShareName";Expression={$share}}
}



gc serverlist.txt | foreach {
	if ($shares = Get-WmiObject Win32_Share -ComputerName $_ | Where {$_.Path})
	{
		$shares | Foreach { Write-Progress -Status "Get share information on $($_.__Server)" $_.Name
			Get-NtfsRights $_.Name $_.Path $_.__Server}
	}
	else {"Failed to get share information from {0}." -f $($_.ToUpper())}
} | ft Principal,Rights,AceFlags,AceType -GroupBy ShareName -Wrap | Out-File result.txt

• Edited by KazunMVP Thursday, March 29, 2012 2:02 PM __Server
• Proposed as answer by ErfanTaheri Monday, December 22, 2014 12:06 PM

Function Get-NtfsRights($name,$path,$comp)
{
	$path = [regex]::Escape($path)
	$share = "\\$comp\$name"
	$wmi = gwmi Win32_LogicalFileSecuritySetting -filter "path='$path'" -ComputerName $comp
	$wmi.GetSecurityDescriptor().Descriptor.DACL | where {$_.AccessMask -as [Security.AccessControl.FileSystemRights]} |select `
				@{name="Principal";Expression={"{0}\{1}" -f $_.Trustee.Domain,$_.Trustee.name}},
				@{name="Rights";Expression={[Security.AccessControl.FileSystemRights] $_.AccessMask }},
				@{name="AceFlags";Expression={[Security.AccessControl.AceFlags] $_.AceFlags }},
				@{name="AceType";Expression={[Security.AccessControl.AceType] $_.AceType }},
				@{name="ShareName";Expression={$share}}
}



gc serverlist.txt | foreach {
	if ($shares = Get-WmiObject Win32_Share -ComputerName $_ | Where {$_.Path})
	{
		$shares | Foreach { Write-Progress -Status "Get share information on $($_.__Server)" $_.Name
			Get-NtfsRights $_.Name $_.Path $_.__Server}
	}
	else {"Failed to get share information from {0}." -f $($_.ToUpper())}
} | ft Principal,Rights,AceFlags,AceType -GroupBy ShareName -Wrap | Out-File result.txt

• Edited by KazunMVP Thursday, March 29, 2012 2:02 PM __Server
• Proposed as answer by ErfanTaheri Monday, December 22, 2014 12:06 PM

Hello Kazun,

Thanks for your reply and for script. I tried to run the script which you have given but I am getting below errors.

Could you please guide me on this?

 

The term 'Get-NtfsRights' is not recognized as the name of a cmdlet, function,
script file, or operable program. Check the spelling of the name, or if a path
was included, verify that the path is correct and try again.
At H:\Scripts\Get-SharedFolder\Get-NtfsRights.ps1:5 char:18
+             Get-NtfsRights <<<<  $_.Name $_.Path $server}
    + CategoryInfo          : ObjectNotFound: (Get-NtfsRights:String) [], Comm
   andNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

Hi Kazun, this worked ok for me :)

One request however could you get the output to a csv/xls file instead?

so that each server and it shares and permissions could be shown nicely?

 

 

Hi Kazun, this worked ok for me :)

One request however could you get the output to a csv/xls file instead?

so that each server and it shares and permissions could be shown nicely?

 

 

Replace - ft Principal,Rights,AceFlags,AceType -GroupBy ShareName -Wrap | Out-File result.txt to Export-CSV result.csv

• Proposed as answer by Heckter Friday, November 25, 2011 12:12 PM

Hi Kazun, this worked ok for me :)

One request however could you get the output to a csv/xls file instead?

so that each server and it shares and permissions could be shown nicely?

 

 

Replace - ft Principal,Rights,AceFlags,AceType -GroupBy ShareName -Wrap | Out-File result.txt to Export-CSV result.csv

• Proposed as answer by Heckter Friday, November 25, 2011 12:12 PM

Please, suggest me why I have an error running this script ?!?

Get-WmiObject : Cannot validate argument on parameter 'ComputerName'. The argum
ent is null or empty. Supply an argument that is not null or empty and then try
 the command again.

In serverlist.txt is written one, correct  servername.
I checked command: Get-WmiObject Win32_Share -ComputerName My_Servername
and worked fine. Listed shares.

Below whole first error message:

Get-WmiObject : Cannot validate argument on parameter 'ComputerName'. The argument is null or empty. Supply an argument that is not null or empty and then try the command again
.
At C:\scripts\shares.ps1:5 char:83
+     $wmi = gwmi Win32_LogicalFileSecuritySetting -filter "path='$path'" -ComputerName <<<<  $comp
    + CategoryInfo          : InvalidData: (:) [Get-WmiObject], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.GetWmiObjectCommand

Kazun,

I also was getting the same error as pavko_x and noticed that the $server variable in the line below wasn't defined anywhere:

$shares | Foreach { Write-Progress -Status "Get share information on $($_.__Server)" $_.Name
Get-NtfsRights $_.Name $_.Path $server}

Changing $server to $_.__Server resolved the issue. 

Joe

Thx Joe.

• Proposed as answer by mag8990 Saturday, October 05, 2013 8:32 PM

Thx Joe.

• Proposed as answer by mag8990 Saturday, October 05, 2013 8:32 PM

Can you tell me why there is double underline befor Server >>  __Server   in $_.__Server ?

Can you tell me why there is double underline befor Server >>  __Server   in $_.__Server ?

PS >  Get-WmiObject Win32_Share | fl __*


__GENUS          : 2
__CLASS          : Win32_Share
__SUPERCLASS     : CIM_LogicalElement
__DYNASTY        : CIM_ManagedSystemElement
__RELPATH        : Win32_Share.Name="ADMIN$"
__PROPERTY_COUNT : 10
__DERIVATION     : {CIM_LogicalElement, CIM_ManagedSystemElement}
__SERVER         : WINPC
__NAMESPACE      : root\cimv2
__PATH           : \\WINPC\root\cimv2:Win32_Share.Name="ADMIN$"

 thx

The script Worked like a charm but , how do I import the same permission and create share using PS command .

Hi I am looking for a script to pull share folder information mentioned below.

folder shared in all the servers

last modified date and created date

size of the share folder if disk quote in place

permissions for each user on that shared directory

Please help, we need to finish it asap. 

Hi Kazun

Thx for the script, works great :)

I have one down side to it tho, it does not list network shares that have a space in them.

I get the following error message when the script gets to a share with a space in the name:

Get-WmiObject : Invalid query
At line:5 char:13
+     $wmi = gwmi <<<<  Win32_LogicalFileSecuritySetting -filter "path='$path'" -ComputerName $comp
    + CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], ManagementException
    + FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand
 
You cannot call a method on a null-valued expression.
At line:6 char:28
+     $wmi.GetSecurityDescriptor <<<< ().Descriptor.DACL | where {$_.AccessMask -as [Security.AccessControl.FileSystemRights]} |select `
    + CategoryInfo          : InvalidOperation: (GetSecurityDescriptor:String) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

Do you think there is a solution for Share that have spaces in them?

• Edited by Rumz79 Thursday, June 20, 2013 11:26 AM Added Error Message

Hi Kazun

Thx for the script, works great :)

I have one down side to it tho, it does not list network shares that have a space in them.

I get the following error message when the script gets to a share with a space in the name:

Get-WmiObject : Invalid query
At line:5 char:13
+     $wmi = gwmi <<<<  Win32_LogicalFileSecuritySetting -filter "path='$path'" -ComputerName $comp
    + CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], ManagementException
    + FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand
 
You cannot call a method on a null-valued expression.
At line:6 char:28
+     $wmi.GetSecurityDescriptor <<<< ().Descriptor.DACL | where {$_.AccessMask -as [Security.AccessControl.FileSystemRights]} |select `
    + CategoryInfo          : InvalidOperation: (GetSecurityDescriptor:String) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

Do you think there is a solution for Share that have spaces in them?

• Edited by Rumz79 Thursday, June 20, 2013 11:26 AM Added Error Message

Hi Kazun,

This script didn't work with hidden shared folder on Windows Server 2008. Is there a way to get NTFS permissions on hidden shared folders?

Thanks

This script works perfectly for me.... but I need to list the folder size and the folder path also... Would you please help me a little on this one?

Perfect!  Ran like a champ.  Thanks!!!

Hello Kazun,

I am getting bellow error: Please help me

You cannot call a method on a null-valued expression.

At C:\temp\DFSDataCollection\CollectSharesPermissionF.ps1:6 char:2

+     $wmi.GetSecurityDescriptor().Descriptor.DACL | where {$_.AccessMask -as [Securi ...

+    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException

    + FullyQualifiedErrorId : InvokeMethodOnNull

Thank you