Re: I need to review the security of all the shares on my domain
- From: "Mathieu CHATEAU" <gollum123@xxxxxxx>
- Date: Mon, 24 Sep 2007 20:06:38 +0200
Hello,
You may first scan to identify all network share, looking specially on workstation (developpers, if you read me..)
I use this script:
'**************************************
If Wscript.Arguments.Count <> 1 Then
Wscript.Echo "Syntax error"
Wscript.Echo _
"cscript //nologo CreateGroups.vbs OU TO CHECK"
Wscript.Quit
End If
ouName = Wscript.Arguments(0)
Const ForWriting = 2
strComputerContainer = "ou=" & ouname & ",dc=MYDOMAIN,dc=COM"
Const SHUTDOWN = 12
Set objShell = CreateObject("WScript.Shell")
Set objContainer = GetObject("LDAP://"; & strComputerContainer)
objContainer.Filter = Array("Computer")
For Each objComputer In objContainer
strComputer = Split(objComputer.Name, "=")(1)
If IsConnectible(strComputer, 1, 50) Then
'-----------------------
err.number = 0
Set objWMI = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _
strComputer & "\root\cimv2")
Set objItems = objWMI.ExecQuery("SELECT Name, Description, Path FROM Win32_Share")
' Loop through each share on the computer...
For Each objItem In objItems
If objItem.Name <> "IPC$" and objItem.Name <> "C$" and objItem.Name <> "ADMIN$" Then
wscript.echo strComputer & ":" & objItem.Name
End If
Next
Else
wscript.echo strComputer & ": not on the network"
End if
Next
Function IsConnectible(sHost, iPings, iTO)
If iPings = "" Then iPings = 2
If iTO = "" Then iTO = 750
Const OpenAsASCII = 0
Const FailIfNotExist = 0
Const ForReading = 1
Set oShell = CreateObject("WScript.Shell")
Set oFSO = CreateObject("Scripting.FileSystemObject")
sTemp = oShell.ExpandEnvironmentStrings("%TEMP%")
sTempFile = sTemp & "\runresult.tmp"
oShell.run "%comspec% /c ping.exe -n " & iPings & " -w " & iTO & " " & sHost & ">" & sTempFile, 0 , True
Set fFile = oFSO.OpenTextFile(sTempFile, ForReading, FailIfNotExist, OpenAsASCII)
sResults = fFile.ReadAll
fFile.Close
oFSO.DeleteFile(sTempFile)
Select Case InStr(sResults,"TTL=")
Case 0 IsConnectible = False
Case Else IsConnectible = True
End Select
End Function
--
Cordialement,
Mathieu CHATEAU
http://lordoftheping.blogspot.com
"miponte" <miponte@xxxxxxxxx> wrote in message news:1190629920.447224.283290@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi there, i´ll try to explain my problem:
My network is going to be audited and I need to check the
security configuration of all the network shares i have on my domain
to see if just the groups and users that need to have access to each
share are the correctly configured.
Does anyone know any software, script, console or method that can
help me to achieve this without checking manually each share in each
server (it could take ages).
Thanks.
Miguel.
.
- References:
- Prev by Date: take ownership and reset perms
- Next by Date: Re: I need to review the security of all the shares on my domain
- Previous by thread: I need to review the security of all the shares on my domain
- Next by thread: Re: I need to review the security of all the shares on my domain
- Index(es):
Relevant Pages
|
Loading
