It would be great if someone can please help me achieve this...
<pre><pre lang="PowerShell">$Server = "ABC.com" # Get all shares on the computer #$Shares = Get-SmbShare $Shares = Get-WmiObject -ComputerName $Server -Class win32_share -Filter "Description != 'Remote Admin' and Description != 'Default share' and Description != 'Remote IPC' and Description != 'Printer Drivers'" | Select-Object Name -ExpandProperty Name # Loop through each share, check and remove Everyone permission foreach ($Share in $Shares) { ## Creating folderpath variable $FolderPath = "\\$Server\$share" ## Get Root Folder Permissions $Folders = @(Get-Item -Path $FolderPath | Select-Object Name,FullName,LastWriteTime,Length) ## Get Folders $error.clear() $Folders += Get-ChildItem -Path $FolderPath -Directory | Select-Object Name,FullName,LastWriteTime,Length -ErrorAction SilentlyContinue foreach ($err in $Error) { $err.Exception.Message | Out-File $ExportPath\AccessDenied.txt -Append } foreach ($Folder in $Folders){ ## Get access control list $Acls = Get-Acl -Path $Folder.FullName -ErrorAction SilentlyContinue ## Loop through ACL # Get Access permissions for current share and filter only permissions for group "Everyone" ## Loop through ACL foreach ($Acl in $Acls.Access) { $EveryonePermission = ($Acl.IdentityReference -like "everyone") # If the current share has permissions for Everyone, remove said permission if ($EveryonePermission) { Revoke-SmbShareAccess -name $Share -CimSession $Server -AccountName Everyone -Force Grant-SmbShareAccess -name $Share -CimSession $Server -AccountName Authenticated Users -AccessRight Full –Force #Get-SMBShare "\\$Server\$share" | Revoke-SMBShareAccess -AccountName "everyone" #Get-SMBShare "\\$Server\$share" | Grant-SMBShareAccess -Account "Username" -AccessRight "Full/Change/Read" #Revoke-SmbShareAccess -Name $Share.Name -ScopeName $EveryonePermission.ScopeName -AccountName $EveryonePermission.AccountName -Force #Grant-SmbShareAccess $Share.Name -AccountName 'Authenticated Users' -AccessRight Full -Force } } } }
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)