remove share permission from everyone to authenticated user.

Welcome Forums General PowerShell Q&A remove share permission from everyone to authenticated user.

This topic contains 1 reply, has 2 voices, and was last updated by

 
Participant
2 years, 6 months ago.

  • Author
    Posts
  • #38068

    Participant
    Points: 0
    Rank: Member

    Hi Powershell gurus,

    I'm fairly new to powershell, I 've a business need to remove the "everyone" permission both from the NTFS and file permission and replace it with Authenticated user. the shares are located in different site and domain. I'm planning on running the script from a management server that has access to the shares. I found the following script but turn with a bunch of errors, any help will be greatly appreciated.

    foreach($share in (Get-WmiObject win32_share |?{$_.name -notmatch "C\$|ADMIN\$|IPC\$|NETLOGON SYSVOL"} | select -expandProperty Name))
    {
    #get settings
    $set = get-wmiobject -Class Win32_LogicalshareSecuritySetting -filter "Name='$share'"

    #filter Everyone out
    $revised = $set.GetSecurityDescriptor().Descriptor.Dacl | Where {$_.trustee.name -ne 'Everyone'}

    #set the new ACL
    $descriptor = $set.GetSecurityDescriptor().descriptor
    $descriptor.dacl = $revised
    $set.SetSecurityDescriptor($descriptor)
    }

  • #38590

    Participant
    Points: 0
    Rank: Member

    The CMDLets in the NTFSSecurity Module should be exactly what you need:

    https://gallery.technet.microsoft.com/scriptcenter/1abd77a5-9c0b-4a2b-acef-90dbb2b84e85

The topic ‘remove share permission from everyone to authenticated user.’ is closed to new replies.