How to run this script against a list of servers from a text

Ask your PowerShell-related questions, including questions on cmdlet development!
Forum rules
Do not post any licensing information in this forum.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
User avatar
tonyf
Posts: 12
Joined: Mon Aug 30, 2010 11:59 pm

How to run this script against a list of servers from a text

Post by tonyf »

HI

How can run the follwoing script against a list servers?

I've tried a foreach loop and the get-content cmdlet.

Also how can I filter two specific shares?

Thanks
PowerShell Code
Double-click the code block to select all.
Function Get-SharePermissions($ShareName){
    $Share = Get-WmiObject win32_LogicalShareSecuritySetting -Filter "name='$ShareName'"
    if($Share){
        $obj = @()
        $ACLS = $Share.GetSecurityDescriptor().Descriptor.DACL
        foreach($ACL in $ACLS){
            $User = $ACL.Trustee.Name
            if(!($user)){$user = $ACL.Trustee.SID}
            $Domain = $ACL.Trustee.Domain
            switch($ACL.AccessMask)
            {
                2032127 {$Perm = "Full Control"}
                1245631 {$Perm = "Change"}
                1179817 {$Perm = "Read"}
            }
            $obj = $obj + "$Domain\$user  $Perm<br>"
        }
    }
    if(!($Share)){$obj = " ERROR: cannot enumerate share permissions. "}
    Return $obj
} # End Get-SharePermissions Function

Function Get-NTFSOwner($Path){
    $ACL = Get-Acl -Path $Path
    $a = $ACL.Owner.ToString()
    Return $a
} # End Get-NTFSOwner Function

Function Get-NTFSPerms($Path){
    $ACL = Get-Acl -Path $Path
    $obj = @()
    foreach($a in $ACL.Access){
        $aA = $a.FileSystemRights
        $aB = $a.AccessControlType
        $aC = $a.IdentityReference
        #$aD = $a.IsInherited
        #$aE = $a.InheritanceFlags
        #$aF = $a.PropagationFlags
        #$obj = $obj + "$aC | $aB | $aA | $aD | $aE | $aF <br>"
		$obj = $obj + "$aC | $aB | $aA <br>"
    }
    Return $obj
} # End Get-NTFSPerms Function

Function Get-AllShares{
    $a = Get-WmiObject win32_share -Filter "type=0"
    Return $a
} # End Get-AllShares Function



# Create Webpage Header
$z = "<!DOCTYPE html PUBLIC `"-//W3C//DTD XHTML 1.0 Strict//EN`"  `"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd`">"
$z = $z + "<html xmlns=`"http://www.w3.org/1999/xhtml`">"
$z = "<head><style>"
$z = $z + "TABLE{border-width: 2px;border-style: solid;border-color: black;border-collapse: collapse;}"
$z = $z + "TH{border-width: 2px;padding: 4px;border-style: solid;border-color: black;background-color:lightblue;text-align:left;font-size:14px}"
$z = $z + "TD{border-width: 1px;padding: 4px;border-style: solid;border-color: black;font-size:12px}"
$z = $z + "</style></head><body>"
$z = $z + "<H4>Share Report for $env:COMPUTERNAME</H4>"
$z = $z + "<table><colgroup><col/><col/><col/><col/><col/><col/></colgroup>"
$z = $z + "<tr><th>Share Name</th><th>Location</th><th>NTFS Permissions<br>User Identity | Access Control | Rights</th><th>NTFS Owner</th><th>Share Permissions<th></tr>"


$MainShares = Get-AllShares
Foreach($MainShare in $MainShares){
    $MainShareName = $MainShare.Name
    $MainLocation = $MainShare.Path
    $MainNTFSPermissions = Get-NTFSPerms -Path $MainLocation
    $MainNTFSOwner = Get-NTFSOwner -Path $MainLocation
    $MainSharePermissions = Get-SharePermissions -ShareName $MainShareName
    $MainShareDescription = $MainShare.Description
    
    
	$z = $z + "<tr><td>$MainShareName</td><td>$MainLocation</td><td>$MainNTFSPermissions</td><td>$MainNTFSOwner</td><td>$MainSharePermissions</td><td>$MainShareDescription</td></tr>"
    
 }

$z = $z + "</table></body></html>"
$OutFileName = $env:COMPUTERNAME + "ShareReport.html"
Out-File -FilePath .\$OutFileName -InputObject $z -Encoding ASCII
$OutFileItem = Get-Item -Path .\$OutFileName
Write-Host " Report available here: $OutFileItem" -Foregroundcolor Yellow
Exit

jvierra
Posts: 14475
Joined: Tue May 22, 2007 9:57 am
Contact:

Re: How to run this script against a list of servers from a

Post by jvierra »

TO run any script against a list of anythin we would enumerate the file.
PowerShell Code
Double-click the code block to select all.
Get-Content servers.txt |
     ForEach-Object{
         # call script file and pass variable $_ which is current line of file
         c:\folder\filename.ps1 -server $_
     }

jvierra
Posts: 14475
Joined: Tue May 22, 2007 9:57 am
Contact:

Re: How to run this script against a list of servers from a

Post by jvierra »

You will also ned to alter the file with a PAram statement and pass the variable to the Get-AllShares function.
PowerShell Code
Double-click the code block to select all.
# add to top of file
Param(
    $server
)

User avatar
tonyf
Posts: 12
Joined: Mon Aug 30, 2010 11:59 pm

Re: How to run this script against a list of servers from a

Post by tonyf »

Do you mean pass the parameter here?
PowerShell Code
Double-click the code block to select all.
Function Get-AllShares{
$a = Get-WmiObject win32_share -ComputerName $Server -Filter "type=0" 
    Return $a
} # End Get-AllShares Function
I seem to be getting some progress because the follwoing error is for shares that exist on the remote server and not the local machine where I'm running the script

error:

Get-Acl : Cannot find path 'D:\eXpress' because it does not exist.
At D:\Utilities\Scripts\PowerShell\Test\Test-GetPerms.ps1:34 char:19
+ $ACL = Get-Acl <<<< -Path $Path
+ CategoryInfo : ObjectNotFound: (:) [Get-Acl], ItemNotFound
tion
+ FullyQualifiedErrorId : GetAcl_PathNotFound_Exception,Microsoft.Pow
ll.Commands.GetAclCommand

jvierra
Posts: 14475
Joined: Tue May 22, 2007 9:57 am
Contact:

Re: How to run this script against a list of servers from a

Post by jvierra »

I take it you didn't write the code you posted. If you didn't write it I suspect you do not know anything about scripting or the NT file system.

User avatar
tonyf
Posts: 12
Joined: Mon Aug 30, 2010 11:59 pm

Re: How to run this script against a list of servers from a

Post by tonyf »

That is correct I did not write this code and know little about scripting.

Thanks for your help.

User avatar
tonyf
Posts: 12
Joined: Mon Aug 30, 2010 11:59 pm

Re: How to run this script against a list of servers from a

Post by tonyf »

This part of the error: "Cannot find path 'D:\eXpress' because it does not exist"...tells me that the script is being run against the remote server in the servers.txt file because the eXpress share does exist on the remote server only and not on the computer where I am running the script...

jvierra
Posts: 14475
Joined: Tue May 22, 2007 9:57 am
Contact:

Re: How to run this script against a list of servers from a

Post by jvierra »

Yes - you have to modofy the scipt to use the remote server everywhere you are getting information.

If you do not write scripts then you misght want to look for a script that does what you want.

I have no idea what you are trying to do. Have you tried using ICACLS?

What is the purpose for this?

User avatar
tonyf
Posts: 12
Joined: Mon Aug 30, 2010 11:59 pm

Re: How to run this script against a list of servers from a

Post by tonyf »

I've tried other scripts that I found on the net but nothing seems to work for me. The purpose of this script is to report on the Share and NTFS permissions of specific shares located on remote servers. The scripts that I've found either don't work, don't give me all of the info I need or only work on the local machine. No I have not tried ICACLS-I'll give it a try.

Thanks again

jvierra
Posts: 14475
Joined: Tue May 22, 2007 9:57 am
Contact:

Re: How to run this script against a list of servers from a

Post by jvierra »

There are two things at work her.

1. Shares have permissions that are no in the file system.
2. FIles and folders have permissions.

For files and folders use ICACLS.

For shares use SubInAcl.

These are user utilities and don't require scripting skills. Both utilites and scipting require a technical training in Windows and are not ususally understandable by end users.

Locked