I am limited to PowerShell 2.
I am trying to capture all share folders where full control is set for the "everyone" user group.
I have found the PowerShell command below which lists out the current shares, however, it does not list the people it is shared to:
Get-WmiObject -Class Win32_LogicalShareSecuritySetting
With this check, I would like to make sure no share folders have the "everyone" user group selected to full control.
Can anyone help me with this please?
Edit: To only output the shares if the full control option is present for the everyone user group:
Get-ACL
is the command for checking permissions on a folder/share. You should be able to pass the shares outputted from the WMI class to this command to check permissions. docs.microsoft.com/en-us/powershell/module/… – Jonathan WaringGet-WmiObject win32_logicalsharesecuritysetting | ForEach-Object {$Path = "\\localhost\" + $_.Name; Get-Acl -Path $Path | Select-Object -ExpandProperty Access | Where-Object IdentityReference -eq 'Everyone'}
I ran this on my local machine that only has one share but it should work for multiple. If you are running the code on the machine that hosts the shares then it should work as is. If you are running it against a remote machine you can replace \\localhost\ with \\<machinename>\ – Jonathan Waring