ModemJunki Posted November 30, 2009 Share Posted November 30, 2009 Hi all, I need some hints. To protect my users from themselves, I need to check systems for any shares with "everyone" having permissions, and replace the "everyone" permission with "authenticated users". If "everyone" isn't part of the share permissions I can leave it be. So the hint I need is how to check shares to determine the accounts applied to them, either remotely or local? I can puzzle out the rest using psexec or whatever (at least, I will try to puzzle it out.) I have a service account that is an admin on all machines which can be used to run such tasks. Always carry a towel. Link to comment Share on other sites More sharing options...
dara Posted November 30, 2009 Share Posted November 30, 2009 (edited) I never tried but you asked for a hint: _Net_Share_ShareEnum _Net_Share_ShareSetInfo edit: Ah sorry it will not work Edited November 30, 2009 by dara Link to comment Share on other sites More sharing options...
dara Posted November 30, 2009 Share Posted November 30, 2009 (edited) I made this from the help file. It shows: Entries read ............: 14 \\MYPC\g has Everyone \\MYPC\J has Everyone \\MYPC\shared has Everyone You can use the same tool to remove permissions with /REMOVE but I ve not implemented on my test. bonus, you can run that tool remotely, just replace @computername expandcollapse popup;you will need to download MS tools RMTSHARE.exe in the same folder as where the script is run ;ftp://ftp.microsoft.com/bussys/winnt/winnt-public/reskit/nt40/i386/RMTSHAR.EXE #include <GuiConstantsEx.au3> #include <NetShare.au3> #include <WindowsConstants.au3> #include <Constants.au3> Opt('MustDeclareVars', 1) Global $iMemo Func checkEveryOne($sharename) ;return 0 if "Everyone" not found on the share ;otherwise return >0 Local $line="" Local $result = Run("RMTSHARE.EXE " & $sharename, @SystemDir, @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD) While 1 $line = $line & StdoutRead($result) If @error Then ExitLoop Wend msgbox(0,$sharename,$line) return stringinstr($line,"Everyone") EndFunc _Main() Func _Main() Local $hGUI, $iI, $aInfo Local Const $sShareName = "AutoIt Share" local $currentShare="" ; Create GUI $hGUI = GUICreate("NetShare", 400, 300) ; Create memo control $iMemo = GUICtrlCreateEdit("", 2, 2, 396, 296, $WS_VSCROLL) GUICtrlSetFont($iMemo, 9, 400, 0, "Courier New") GUISetState() ; Show information about all local shares $aInfo = _Net_Share_ShareEnum (@ComputerName) MemoWrite("Entries read ............: " & $aInfo[0][0]) For $iI = 1 To $aInfo[0][0] $currentShare="\\" & @ComputerName &"\"& $aInfo[$iI][0] if checkEveryOne($currentShare)>0 then MemoWrite($currentShare & " has Everyone") Next Do Until GUIGetMsg() = $GUI_EVENT_CLOSE EndFunc ;==>_Main ; Write message to memo Func MemoWrite($sMessage = "") GUICtrlSetData($iMemo, $sMessage & @CRLF, 1) EndFunc ;==>MemoWrite forgot to add, when you download the tool RMTSHAR.EXE, double click on it one tme and it will decompress RMTSHARE.EXE in the same folder. This is the tool called by the script Edited November 30, 2009 by dara Link to comment Share on other sites More sharing options...
ModemJunki Posted December 2, 2009 Author Share Posted December 2, 2009 Thanks for the hints. I had to put this aside for now, got some other stuff going, but I will try soon. Can't seem to download that .exe from the FTP link here at work, I will google for it though. Always carry a towel. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now