
Getting permissions of a remote SMB/CIFS share without remote powershell or WMI


I'm looking for a way to export the ACL of an SMB / CIFS share (not to be confused with the NTFS ACL) from a Windows machine connected to the share. So far, I can see the permissions in the advanced security properties of the share, but no way to export or parse them short of an AutoIT monstrosity.


I want to obtain this information in a format that I can parse, be it CSV, JSON, XML, etc.

I have checked this question, which recommends using PowerShell's Get-SmbShareAccess (Retrieving Remote File Share 'Share Permissions' Using Powershell), and this TechNet question, which uses Get-WmiObject (Get-wmiobject Win32_Share does not show Sharing Permissions), but both assume we can get PowerShell code executed on the server hosting the share. This isn't the case for me, as the share is not hosted on Windows and I don't have shell access to the machine.

I'm open to any language but would prefer PowerShell if given the choice.


Solution

  • Windows Explorer uses RPC via the Win32 API method NetShareGetInfo(), but it's not easy to call it directly from PowerShell.

    FileShareUtils is a fantastic gallery module that does all of this for you, and the best option that I could find:

    $share = Get-NetShare -Name 'MyShare' -Server 'MyFileServer01'
    
    Server              : MyServer01
    Name                : MyShare
    Path                : E:\Folder\Path
    Description         : 
    ABE                 : Enabled
    CachingMode         : Manual
    ShareACLText        : BUILTIN\Administrators|FullControl,Everyone|FullControl
    CurrentUses         : 4
    ConcurrentUserLimit : -1
    BranchCache         : Disabled
    Flags               : 2051
    Type                : Disk Drive
    ShareSDDL           : D:(A;;FA;;;WD)(A;;FA;;;BA)
    ShareACL            : System.Security.AccessControl.DirectorySecurity
    
    $share.ShareACL.Access
    
    
    FileSystemRights  : FullControl
    AccessControlType : Allow
    IdentityReference : Everyone
    IsInherited       : False
    InheritanceFlags  : None
    PropagationFlags  : None
    
    FileSystemRights  : FullControl
    AccessControlType : Allow
    IdentityReference : BUILTIN\Administrators
    IsInherited       : False
    InheritanceFlags  : None
    PropagationFlags  : None
    

    I was not able to test whether the whole Get-NetShare works as a non-admin user, but if you can see the "Share" permissions in File Explorer, then this should work for you. If you do still get access-denied messages, then you may be able to work your way through the module code and see where/why.
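
The question asks for the share ACL in a parseable format. One way to get there from the ShareSDDL string shown in the output above is sketched here as an added example; it is not part of the original answer or of the FileShareUtils module. The helper name ConvertFrom-ShareSddl, the BroadWrite column, the table of well-known SIDs and the share-acl.csv path are assumptions made for the illustration.

```powershell
# Constructed input: the share name and ShareSDDL value from the output above.
# With FileShareUtils loaded this would be $share.Name and $share.ShareSDDL.
$shareName = 'MyShare'
$shareSddl = 'D:(A;;FA;;;WD)(A;;FA;;;BA)'

# Well-known SIDs that cover very large groups of users.
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-7'      = 'Anonymous Logon'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

function ConvertFrom-ShareSddl {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string] $Name,
        [Parameter(Mandatory)] [string] $Sddl
    )
    # Share ACEs use the file access mask, so DirectorySecurity can decode them.
    $sd = New-Object System.Security.AccessControl.DirectorySecurity
    $sd.SetSecurityDescriptorSddlForm($Sddl)
    # Request SIDs so matching does not depend on the OS display language.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    foreach ($rule in $sd.GetAccessRules($true, $true, $sidType)) {
        $sid = $rule.IdentityReference
        try   { $account = $sid.Translate([System.Security.Principal.NTAccount]).Value }
        catch { $account = $sid.Value }   # SID unknown to this client: keep it raw
        $canWrite = ([int]$rule.FileSystemRights -band
                     [int][System.Security.AccessControl.FileSystemRights]::WriteData) -ne 0
        [pscustomobject]@{
            Share      = $Name
            Identity   = $account
            Sid        = $sid.Value
            Type       = $rule.AccessControlType.ToString()
            Rights     = $rule.FileSystemRights.ToString()
            BroadWrite = ($rule.AccessControlType -eq 'Allow') -and $canWrite -and
                         $broadSids.ContainsKey($sid.Value)
        }
    }
}

$rows = @(ConvertFrom-ShareSddl -Name $shareName -Sddl $shareSddl)
$rows | ConvertTo-Json                                        # JSON on stdout
$rows | Export-Csv -Path .\share-acl.csv -NoTypeInformation   # CSV for a spreadsheet
$rows | Where-Object BroadWrite | Format-Table Share, Identity, Rights
```

The decoding runs entirely on the Windows client and needs only the SDDL string, so nothing has to execute on the server hosting the share.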