Some work-related scripts in case anyone finds them useful or I want them whilst I'm visiting somewhere. I'll probably update this when I have more in a fit state to add, and would also recommend checking out scripts at http://www.rlmueller.net/index.html -- so far I haven't explored PowerShell a great deal and prefer to follow the principle of "living off the land" rather than looking to other software, so most will be batch or VBScript snippets.
But before those, here's a handy one for SQL Server 2005 onwards (cache) which produces three reports showing permissions at server, database and object level. Although it's best run with the sysadmin or serveradmin server level permission, depending on server configuration it might give you useful output for the first two reports even without -- http://www.sqlservercentral.com/scripts/Administration/67567/
First, this is a fairly specific one I find helpful for checking folders set up to receive files for import into a system, where it's often the case there's a share that contains subfolders for each input. Again, it's intended to be run with suitable permissions, and was written under Windows 7. Every bit of whitespace is relevant to the parsing.
SharePerms.bat @REM - Share permissions plus folder and immediate subfolder NTFS permissions @REM - Usage: SharePerms.bat [sharename] @REM - eg, As admin on the relevant server: SharePerms.bat "Data" > permissions.txt @REM @NET SHARE "%1" @FOR /F "delims=" %%b IN ('net share "%1" ^| find "Path "') DO @SET pathline=%%b @SET folderpath=%pathline:Path =% @ICACLS "%folderpath%" && @ECHO. @FOR /F "tokens=*" %%a IN ('dir /b /on /ad "%folderpath%\"') DO @ICACLS "%folderpath%\%%a" && @ECHO.
For more general testing it's important to be able to tell what's exposed to an ordinary user on a network. Since NetBIOS has been deprecated you probably want to ask Active Directory what servers are on a domain, and this is essentially the same query you can make via the "My Network Places" GUI.
ListServers.vbs ''' cscript //nologo ListServers.vbs > servers.txt '' adapted from http://www.rlmueller.net/Enumerate%20Servers.htm ' Option Explicit Dim objRootDSE, strDNSDomain, adoConnection, adoCommand, strQuery Dim adoRecordset, strComputerDN, strBase, strFilter, strAttributes Set objRootDSE = GetObject("LDAP://RootDSE") strDNSDomain = objRootDSE.Get("defaultNamingContext") Set adoCommand = CreateObject("ADODB.Command") Set adoConnection = CreateObject("ADODB.Connection") adoConnection.Provider = "ADsDSOObject" adoConnection.Open "Active Directory Provider" adoCommand.ActiveConnection = adoConnection strBase = "<LDAP://" & strDNSDomain & ">" strFilter = "(&(objectCategory=computer)(operatingSystem=*server*))" strAttributes = "cn" strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" adoCommand.CommandText = strQuery adoCommand.Properties("Page Size") = 100 adoCommand.Properties("Timeout") = 30 adoCommand.Properties("Cache Results") = False Set adoRecordset = adoCommand.Execute Do Until adoRecordset.EOF strComputerDN = adoRecordset.Fields("cn").Value Wscript.Echo strComputerDN adoRecordset.MoveNext Loop adoRecordset.Close adoConnection.Close
Once you know what servers you're looking at, you probably want to see what shared folders each has and whether the contents are accessible.
ListShares.bat @REM ListShares.bat servers.txt > shares.txt @REM @echo off SETLOCAL ENABLEDELAYEDEXPANSION for /f %%a in ('sort %1') do ( set server=%%a for /f "delims=" %%b in ('net view \\%%a /all ^| find " Disk "') do ( set string1=%%b for /F "tokens=1,2 delims=¢" %%c in ("!string1: Disk = ¢!") do ( set string2=%%c for /F "tokens=1,2 delims=¢" %%d in ("!string2: =¢!") do ( set share=%%d set use=\\!server!\!share! echo !use! echo. dir "!use!" echo. ) ) ) )