Purpose:
Connects to active directory and pulls a list of all computer objects that are servers and check ACL permissions
Import-Module ActiveDirectory #Most of the information to do this was from this site. #http://blogs.technet.com/b/heyscriptingguy/archive/2009/09/14/hey-scripting-guy-september-14-2009.aspx Function Get-ACLPermissions($Share){ $acl = Get-Acl -Path $Share return $ACL } function Get-MyShares { #Function by #http://www.peetersonline.nl/2008/11/finding-shares-with-powershell/ param([string]$Server) $Shares = Get-WmiObject -Class Win32_Share -ComputerName $Server $output = @() ForEach ($Share in $Shares) { $fullpath = “\\{0}\{1}” -f $server, $share.name Add-Member -MemberType NoteProperty -InputObject $Share -Name FullPath -Value $fullpath $output += $Share } Return $output } #Path to where the CSV file is written to $PathtoCSV = "C:\temp\AuditACL.csv" #Create Header in CSV "Server;Share;Username;FileSystemRights;AccessControlType;IsInherited;InheritanceFlags" > $PathtoCSV #Get all computers that are servers from AD $Servers = Get-ADComputer -Filter {OperatingSystem -Like "Windows Server*"} -Property * | Select -Expand Name $i = 0 foreach ($Server in $Servers) # update counter and write progress { $i++ Write-Progress -activity "Scanning Machine $Server" -status "Scanned: $i of $($Servers.Count)" -percentComplete (($i / $Servers.Count) * 100) # Get all Shares on server $Shares = Get-MyShares $Server | Select -ExpandProperty Name foreach ($Share_Current in $Shares){ #Process all Shares on Server $fullpath = "\\$Server\$Share_Current" $ShareACL = Get-ACLPermissions $fullpath $o = 0 $ShareACL.Access | ForEach-Object { $FileSystemRights = $ShareACL.Access[$o] | Select -ExpandProperty FileSystemRights #Example ReadAndExecute $AccessControlType = $ShareACL.Access[$o] | Select -ExpandProperty AccessControlType #Example Allow/Deny $IdentityReference = $ShareACL.Access[$o] | Select -ExpandProperty IdentityReference #Example Everyone,Username $IsInherited = $ShareACL.Access[$o] | Select -ExpandProperty IsInherited #Are Permissions inherited $InheritanceFlags = $ShareACL.Access[$o] | Select -ExpandProperty InheritanceFlags #Type of Inheritance ContainerInherit $PropagationFlags = $ShareACL.Access[$o] | Select -ExpandProperty PropagationFlags #PropagationFlags $o++ switch -wildcard ($FileSystemRights) { #Should be a better way to do this via function "268435456*" {$FileSystemRights = "FullControl"} "-536805376*" {$FileSystemRights = "Modify, Synchronize"} "-1610612736*" {$FileSystemRights = "ReadAndExecute, Synchronize"} } $Combine = $Server,$fullpath,$IdentityReference,$FileSystemRights,$AccessControlType,$IsInherited,$InheritanceFlags Write-Host "$Combine to $PathtoCSV" $Combine -join ";" >> $PathtoCSV } } }
No comments:
Post a Comment