I am limited to PowerShell 2.
I am trying to capture all share folders where full control is set for the "everyone" user group.
I have found the PowerShell command below which lists out the current shares, however, it does not list the people it is shared to:
Get-WmiObject -Class Win32_LogicalShareSecuritySetting
With this check, I would like to make sure no share folders have the "everyone" user group selected to full control.
Can anyone help me with this please?
Edit: To only output the shares if the full control option is present for the everyone user group:
@JonathanWaring is on the right track. The comparison statement in the Where-Object
command did not exist till PowerShell 3.0, so we have to adjust the code a little in order it to work with PowerShell 2.0. We should also make it output more information on the path:
$Found = @()
Get-WmiObject win32_logicalsharesecuritysetting | ForEach-Object {
$Path = "\\localhost\" + $_.Name
Get-Acl -Path $Path | Select-Object Path -ExpandProperty Access | ForEach-Object {
If($_.IdentityReference -eq 'Everyone' -and $_.FileSystemRights -eq 'FullControl')
{
$Found += $_.Path
}
}
}
Write-Host "Found: $($Found.Count)"
Write-Host "Share locations:"
$Found | ForEach-Object {
Write-Host $_.Replace('Microsoft.PowerShell.Core\FileSystem::\\localhost\','')
}