Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Audit Level Listing of Share Permissions

Status
Not open for further replies.
netsj

netsj

Technical User
Joined
Jul 31, 2007
Messages
9
Location
US
For SOX compliance, auditors are requesting a listing of all shares on all servers and associated user/group permissions. I have ShareEnum and Srvcheck, and throgh this I can develop a list of all shares on a server and associated permissions, but this does not show me administrative share permissions (such as C:\$ and IPC$, etc.). Writing a seperate script I can list all the shares on every server including admin shares, but not permissions. Combining the two is currently beyond my skillset.

In summary, I need a script that lists every share on every server in a domain, including administrative and hidden shares, and their associated group/user permissions.

Thank you in advance!
 
Sort by date Sort by votes
Do a google search for rmtshare

Hope This Helps, PH.
FAQ219-2884
FAQ181-2886
 
Upvote 0 Downvote
I have RMTShare - it lists all shares but does not list associated permissions.
 
Upvote 0 Downvote
does not list associated permissions
sure it does ...
 
Upvote 0 Downvote
Ok - I must be missing something - rather than 'sure it does' how about an example of the proper syntax? I see how I can grant and remove permissions, but not list them.

so - rmtshare \\servername ???

Thank you!
 
Upvote 0 Downvote
First you grab the share names (ie you capture the output of rmtshare \\servername) and then for each share you grab the result of rmtshare \\servername\sharename

Hope This Helps, PH.
FAQ219-2884
FAQ181-2886
 
Upvote 0 Downvote
Ok - I see what you're seeing now, thanks. Tying this into my other post, do you have a canned wrapper that will do the required nesting? I have the main command that runs this agains every server and gets the shares listed, but haven't figured out how to nest the second step that will pull the rmtshare permissions of each enumerated share.

This is the script I'm using for share enumeration:

'*************************************************************
' Script Witten by Larry Heintz
' March 2006 ' This script will reveal all user and hidden shares on a
' computer. It will show you the share name, share comment
' and share path. You will also have the option to run the
' script against a AD Domain or Work Group name. The script
' also saves the shares information into a comma delimited
' file.
'
' Script Usages:
' List Shares on Single PC: cscript shares.vbs /computer:[computername]
' List Shares on AD Domain/Work Group: cscript shares.vbs /adwg:[ad domain or workgroup name]
'*************************************************************
Dim objStdOut,args
Dim computername,adwg
Set args = Wscript.Arguments.Named
computername = args.Item("computer")
adwg = args.Item("adwg")
logpath = getLogPath()

if wscript.arguments.count = 0 then
wscript.echo "Script Usages:"
wscript.echo "List Shares on Single PC: cscript shares.vbs /computer:[computername]"
wscript.echo "List Shares on AD Domain/Work Group: cscript shares.vbs /adwg:[ad domain or workgroup name]"
elseif args.exists("computer") then
Call listShares(computername)
elseif args.exists("adwg") then
Call listSharesADWG(adwg)
end if

Function listShares(computername)
On Error Resume Next
Dim objshares,share
set objshares = GetObject("winmgmts:{impersonationLevel=impersonate}\\" & computername & "\root\cimv2").ExecQuery("SELECT * FROM Win32_Share")
wscript.echo "Shares for " & ucase(computername) & vbcrlf
wscript.echo "Name" & space(11) & "Comment" & space(13) & "Path"
wscript.echo "=====" & space(10) & "========" & space(12) & "====="
for each share in objshares
Call writeLog(computername,share.name,share.caption,share.path)
wscript.echo share.name & space(15-(len(share.name))) & share.caption & space(20-len(share.caption)) & share.path
next
set objshares = nothing
wscript.echo ""
End Function

Function listSharesADWG(adwg)
set container = getobject("WinNT://" & adwg)
container.filter = array("computer")
for each computer in container
listShares(computer.name)
next
set container = nothing
End Function

Function getLogPath()
Dim temp,temp2
temp = split(wscript.scriptfullname,"\")
for i = 0 to ubound(temp) - 1
temp2 = temp2 & temp(i) & "\"
next
getLogPath = temp2
End Function

Function writeLog(computername,sharename,sharecomment,sharepath)
Dim FSO,objFSOwriteline
Set FSO = CreateObject("Scripting.FileSystemObject")
Set objFSOwriteline = FSO.OpenTextFile(getLogPath() & "\shares.log", 8,True)
objFSOwriteline.WriteLine(computername & "," & sharename & "," & sharecomment & "," & sharepath)
objFSOwriteline.close
Set objFSOwriteline = nothing
Set FSO = nothing
End Function

Thanks again!
 
Upvote 0 Downvote
A starting point:
Set sh = CreateObject("WScript.Shell")
For Each share In objshares
sh.Run "rmtshare \\" & computername & "\" & share.name
Next

To grab the output of a command have a look at the WshScriptExec object.

Hope This Helps, PH.
FAQ219-2884
FAQ181-2886
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Alexvb6
  • Locked
  • Question Question
Deprecation of VBScript + Classic ASP: How to Ask Microsoft to cancel their planned craziness
Replies
0
Views
891
Alexvb6
Alexvb6
wchull
  • Locked
  • Question Question
How do I resolve this permissions error in my script?
Replies
0
Views
617
wchull
wchull
paullem
  • Locked
  • Question Question
vbscript to read properties of JPEG file
Replies
4
Views
1K
paullem
paullem
PiotrMP006
  • Locked
  • Question Question
How to quickly check if a file has 1 or more lines of text?
Replies
1
Views
645
combo
combo
Katto
  • Locked
  • Question Question
Paste picture from clipboard into aslide of an opened powerpoint file
Replies
0
Views
411
Katto
Katto

Part and Inventory Search

Sponsor

Back
Top