#Tony Unger
#Tonyunger.com
#Scans all AD servers for Shares
#50 servers at a time
#Will Prompt for creds
$i =0
import-module activedirectory
cls
$creds = Get-Credential
$myCol = @()
$Domain = "microsoft.com"
$Servers = Get-ADComputer -server $Domain -Filter {(OperatingSystem -Like "Windows Server*")-and (enabled -eq "true")} -Property SamAccountName | Select -expand Name
$scriptblock = {
param(
[string]$server,
$creds
)
Get-WmiObject Win32_Share -ComputerName $server -Credential $Creds | select *
}
foreach($server in $Servers){
$i++
$running = @(Get-Job | Where-Object { $_.State -eq 'Running' })
Write-Progress -Activity "Gathering computer info" -status "Currently on $server -- $i of $Servers.count" -percentComplete ($i / $Servers.count*100)
if ($running.Count -le 50) {
Start-Job -ScriptBlock $scriptblock -Name $server -ArgumentList $server, $creds
}
else {
$running | Wait-Job
}
}
while ($running.Count -ge 1) {
sleep 1
$running = @(Get-Job | Where-Object { $_.State -eq 'Running' })
}
foreach ($job in Get-Job ){
$recjobs = Receive-Job -Keep -Job $job
foreach ($recjob in $recjobs){
$Detail = New-Object PSObject
$Detail | Add-Member Noteproperty Name $recjob.name
$Detail | Add-Member Noteproperty Path $recjob.path
$Detail | Add-Member Noteproperty Server $recjob.__SERVER
$myCol += $Detail
}
}
$myCol
$myCol | export-csv -Path c:\TEMp\shares\output.csv -notype
Showing posts with label shares. Show all posts
Showing posts with label shares. Show all posts
Thursday, July 9, 2015
Powershell: Jobs - Search for shares in ad windows servers
Job script to search for shares in a active directory environment.
Update $Domain to your domain and run
Monday, October 13, 2014
Powershell: Find all shares on domain using Jobs
Purpose: This script will search AD for all servers and report any shares(includes printers)
This script will do 50 servers at a time
Requires RSAT tools powershell
cls
#Find Shares on all Domain computers 50 at a time
#www.tonyunger.com
cls
import-module activedirectory
#$Global:Servers = Get-Content "C:\temp\computers.txt"
$Global:Servers = Get-ADComputer -Filter {(OperatingSystem -Like "Windows Server*")-and (enabled -eq "true")} -Property SamAccountName | Select -expand Name
$Global:ReportPath = "C:\temp\Shares.txt"
$scriptblock = {
param($server)
$pingResult = Test-Connection -count 1 -ErrorAction SilentlyContinue $server | select IPV4Address
$Shares = Get-WmiObject Win32_Share -ComputerName $Server | select name
$values = @()
if($Error){
if( $Error -like "*Access is denied*"){
return ($server+",AccessDenied")
}
$Error.Clear()
return ($server+",")
}
foreach ($Share in $shares) {
$values += ($Server + "," + $Share)
}
return $values
}
function getdata{
$jobs = Get-Job | ? { $_.State -eq "Completed" }
foreach( $job in $jobs){
$results = Receive-Job $job
Add-Content $ReportPath $results
Remove-Job $job
}
}
Add-Content $ReportPath "Server,share"
foreach($server in $Servers){
while( (Get-Job).count -ge 50 ){
sleep -Seconds 1
getdata
}
Start-Job -ScriptBlock $scriptblock -ArgumentList $server
}
while( (get-job).count -ne 0 ){
sleep -Seconds 1
getdata
}
Thursday, May 9, 2013
Powershell: Read servers from AD and search for shares and return ACL permissions
Purpose:
Connects to active directory and pulls a list of all computer objects that are servers and check ACL permissions
Import-Module ActiveDirectory
#Most of the information to do this was from this site.
#http://blogs.technet.com/b/heyscriptingguy/archive/2009/09/14/hey-scripting-guy-september-14-2009.aspx
Function Get-ACLPermissions($Share){
$acl = Get-Acl -Path $Share
return $ACL
}
function Get-MyShares
{
#Function by
#http://www.peetersonline.nl/2008/11/finding-shares-with-powershell/
param([string]$Server)
$Shares = Get-WmiObject -Class Win32_Share -ComputerName $Server
$output = @()
ForEach ($Share in $Shares)
{
$fullpath = “\\{0}\{1}” -f $server, $share.name
Add-Member -MemberType NoteProperty -InputObject $Share -Name FullPath -Value $fullpath
$output += $Share
}
Return $output
}
#Path to where the CSV file is written to
$PathtoCSV = "C:\temp\AuditACL.csv"
#Create Header in CSV
"Server;Share;Username;FileSystemRights;AccessControlType;IsInherited;InheritanceFlags" > $PathtoCSV
#Get all computers that are servers from AD
$Servers = Get-ADComputer -Filter {OperatingSystem -Like "Windows Server*"} -Property * | Select -Expand Name
$i = 0
foreach ($Server in $Servers)
# update counter and write progress
{
$i++
Write-Progress -activity "Scanning Machine $Server" -status "Scanned: $i of $($Servers.Count)" -percentComplete (($i / $Servers.Count) * 100)
# Get all Shares on server
$Shares = Get-MyShares $Server | Select -ExpandProperty Name
foreach ($Share_Current in $Shares){
#Process all Shares on Server
$fullpath = "\\$Server\$Share_Current"
$ShareACL = Get-ACLPermissions $fullpath
$o = 0
$ShareACL.Access | ForEach-Object {
$FileSystemRights = $ShareACL.Access[$o] | Select -ExpandProperty FileSystemRights #Example ReadAndExecute
$AccessControlType = $ShareACL.Access[$o] | Select -ExpandProperty AccessControlType #Example Allow/Deny
$IdentityReference = $ShareACL.Access[$o] | Select -ExpandProperty IdentityReference #Example Everyone,Username
$IsInherited = $ShareACL.Access[$o] | Select -ExpandProperty IsInherited #Are Permissions inherited
$InheritanceFlags = $ShareACL.Access[$o] | Select -ExpandProperty InheritanceFlags #Type of Inheritance ContainerInherit
$PropagationFlags = $ShareACL.Access[$o] | Select -ExpandProperty PropagationFlags #PropagationFlags
$o++
switch -wildcard ($FileSystemRights)
{ #Should be a better way to do this via function
"268435456*" {$FileSystemRights = "FullControl"}
"-536805376*" {$FileSystemRights = "Modify, Synchronize"}
"-1610612736*" {$FileSystemRights = "ReadAndExecute, Synchronize"}
}
$Combine = $Server,$fullpath,$IdentityReference,$FileSystemRights,$AccessControlType,$IsInherited,$InheritanceFlags
Write-Host "$Combine to $PathtoCSV"
$Combine -join ";" >> $PathtoCSV
}
}
}
Subscribe to:
Posts (Atom)
-
Here is an excel document I created that will ping a list of nodes in column A and give results in column B. There are much better tools th... -
#reads event logs for filter and exports to $Date = ( Get-Date ).AddMinutes(-30) $LogName = 'Security' $ProviderName = ...
-
Using Google Chrome or MS Edge: Disable Javascript post page load. 1. Open console in dev tools 2. press ctrl - alt - p 3. In the run dial...