Skip to content

klennan/PowerShell

Repository files navigation

PowerShell

My public PowerShell code

File Share Procedure

Investigation & Recording

Using the function Get-FileSharePermissions

This function requires a path to explore, and supports an optional -NoRecurse switch. It will check that the path exists, and use Get-ChildItem to recursively retrieve directories. The directories are then passed to Get-MAAclRule, which does the work or retrieving the ACLs for each directory (Get-ACL) and then adds additional properties to the object (The full path, ACL owner, scan date and the attribute to support the SQLReporting module).

An object per ACL rule will be returned. To save these to SQL, simply pipe them to Add-FileShareRuleToSQL The additional ScanDate attribute enables tracking of changes over time.

Get-FileSharePermissions -Path "\\Server\Sharename" | Add-FileShareRuleToSQL

Using the function Add-FileSharePermissionToSQL

This function requires a SQL database to store the ACLs found on the file structure. Using simple queries on this table can surface undesired ACLs which need repaired or removed.

Look for user accounts with permission applied directly on the directories:

SELECT * from <database>.dbo.FileShareACL WHERE [IsInherited] = 0 AND [IdentityReference] not like '<Domain>\SHARE_%'

About

My public PowerShell code

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published