Get Share permissions and Share NTFS permissions

Contains two functions that can be used together to view the Share permissions and the NTFS permissions on each share on a server or servers.

 
 
 
 
 
3.4 Star
(36)
21,504 times
Add to favorites
Storage
2/22/2012
E-mail Twitter del.icio.us Digg Facebook
  • List of servers
    2 Posts | Last post November 14, 2018
    • Anyone know how to run this against a list of servers? I tried adding the code below. It works with one server name in the list but it will not work with multiple.
      
       $serverName = get-content "serverlist.txt"
      
      Get-ShareNTFSPermissions -comp $serverName | Export-Csv "C:\Scripts\Output.csv" -NoTypeInformation
      
      
    • Import-Module C:\Temp\FileSharePermissions\FileSharePermissions.psm1
      $ComputerName = gc "C:\Temp\PC_List.txt"
      ForEach($Computer in $ComputerName) {
          Get-SharePermissions -comp $Computer | Export-Csv -Path C:\Temp\SharePerms.csv -NoTypeInformation -Append
      }
  • export to a csv only full control evryone
    1 Posts | Last post August 17, 2017
    • Is there a way to export only permissions with evryone and full control in a csv?
  • Script not reporting all ACLs for a directory
    3 Posts | Last post September 11, 2014
    • I had to troubleshoot this briefly...after the innermost set of $arrntfs | add-member commands I had to add $ntfsreport += $arrntfs so that every one of the acl members was included in the report.  Otherwise it was only returning the last entry, duplicated.  The use of finally to add the arrshare/arrntfs array to each of the reports was used incorrectly as well - it was leading to the duplicate entries for the last array.
    • Hello, i am not sure where to add $ntfsreport += $arrntfs exactly, or how you fixed this script to show all NTFS permissions on a shared folder. Can you help please?
    •                         #iterate through each ACL 
                              ForEach ($acl in $acls.access) { 
      
                                  If ($acl.FileSystemRights -match "\d") { 
                                      Switch ($acl.FileSystemRights) { 
                                          2032127 {$AccessMask = "FullControl"} 
                                          1179785 {$AccessMask = "Read"} 
                                          1180063 {$AccessMask = "Read, Write"} 
                                          1179817 {$AccessMask = "ReadAndExecute"} 
                                          -1610612736 {$AccessMask = "ReadAndExecuteExtended"} 
                                          1245631 {$AccessMask = "ReadAndExecute, Modify, Write"} 
                                          1180095 {$AccessMask = "ReadAndExecute, Write"} 
                                          268435456 {$AccessMask = "FullControl (Sub Only)"} 
                                          default {$AccessMask = "Unknown"} 
                                          }                                 
                                      } 
                                  Else { 
                                      $AccessMask = $acl.FileSystemRights 
                                      }                                 
                                  
      			    $arrntfs = New-Object PSObject                     
                                  #Process NTFS Report          
                                  $arrntfs | Add-Member NoteProperty Computer $c               
                                  $arrntfs | Add-Member NoteProperty ShareName $Share.name 
                                  $arrntfs | Add-Member NoteProperty Path $share.path 
                                  $arrntfs | Add-Member NoteProperty NTFS_User $acl.IdentityReference 
                                  $arrntfs | Add-Member NoteProperty NTFS_Rights $AccessMask 
      #FIX                        
      			    $ntfsreport += $arrntfs  
      #FIX                        
  • recursion??
    1 Posts | Last post July 12, 2013
    • i'm not a powershell scripter and this is a great script.  
      
      ... but how about recursion on the NTFS perms so we can look at 
  • restore the NTFS and Share permissions
    1 Posts | Last post May 28, 2013
    • the script is great and exporting the details without any issue with both the functions.
      
      How to restore the same ? in case of any crash. Please help.
  • Unable to get this to work
    1 Posts | Last post May 24, 2013
    • I am sorry I am new to scripting and having issues. I am worried that I am on a newer version of powershell and that is causing me the issue. I followed all the steps belwo but cant get any screen informaiton generated. I was able to get this to run when I port to a file but the file comes up with the same results for every server or workstation I try. Here are the results.
      
      #TYPE System.String
      Length
      119
      105
      17
      48
      104
      54
      1
      
      
       Help this script would save me lots of time.
      
      ~Barry
  • Does not list user groups for IdentityReference
    1 Posts | Last post May 02, 2013
    • Hi Boe
      
      The NTFS function only list the permissions for the system and built-in groups. How can your module be modified to list the NTFS permissioons for all groups?
      
      Thanks for your hard work.
      
      ~Tony 
  • Unable to get this to work
    1 Posts | Last post September 24, 2012
    • I ran: Import-Module FileSharePermissions.psm1 and also dot-sourced the psm1 file. I ran the functions from the PSShell like so: Get-ShareNTFSPermissions -computer localhost (or other names) and get lots of errors:
      
      Get-Acl : The UNC path should be of the form \\server\share.
      At C:\Powershell Scripts\shareperm.ps1:145 char:40
      +                         $acls = Get-ACL <<<<  "\\$computer\$remoteshare"
          + CategoryInfo          : InvalidArgument: (\\localhost\:String) [Get-Acl], ArgumentException
          + FullyQualifiedErrorId : ItemExistsArgumentError,Microsoft.PowerShell.Commands.GetAclCommand
      
      Get-Acl : Cannot find path '\\localhost\' because it does not exist.
      At C:\Powershell Scripts\shareperm.ps1:145 char:40
      +                         $acls = Get-ACL <<<<  "\\$computer\$remoteshare"
          + CategoryInfo          : ObjectNotFound: (:) [Get-Acl], ItemNotFoundException
          + FullyQualifiedErrorId : GetAcl_PathNotFound_Exception,Microsoft.PowerShell.Commands.GetAclCommand
      
      
      
      Computer    : localhost
      ShareName   :
      Path        :
      NTFS_User   :
      NTFS_Rights :
      
      Computer    : localhost
      ShareName   :
      Path        :
      NTFS_User   :
      NTFS_Rights :
      
      What I'm I doing wrong?
  • One NTFS Permission Per Share Returned
    1 Posts | Last post September 05, 2012
    • aburrow stated on 7.31.2011 "When I run the Get-ShareNTFSPermissions function though I'm only getting back one "NTFS_User" per share though." I am getting the same output, any ideas?
  • Filter Shares and Printers
    1 Posts | Last post July 17, 2012
    • I like what you have done.  The way you "switch" the AccessMask is great, as is the way you return an object.  
      Now would you please make it so that I can filter which shares to get their permissions, instead of all for a computer?  Something like an -include or -exclude would be wonderful.
      Also, since I have a shared printer, the Get-Acl for get-ShareNTFSPermissions fails on that, so would you please handle printers better?
1 - 10 of 13 Items