Public/Export-FSMSharePermissions.ps1
|
function Export-FSMSharePermissions { <# .SYNOPSIS Exports share-level permissions from a source file server to CSV. .DESCRIPTION For every non-special, non-excluded share on the source server, records each access control entry (account, allow/deny, and right) to a CSV. This is the input for Grant-FSMTargetSharePermissions. .PARAMETER SourceServer The file server to read permissions from. .PARAMETER OutputPath Full path to the CSV file to create. .PARAMETER ExcludeShareName Share names to skip. Defaults to the standard administrative/system shares. .PARAMETER Credential Optional credentials for the remote connection. .EXAMPLE Export-FSMSharePermissions -SourceServer oldfs01 -OutputPath C:\Temp\oldfs01-perms.csv #> [CmdletBinding()] param( [Parameter(Mandatory)] [ValidateNotNullOrEmpty()] [string]$SourceServer, [Parameter(Mandatory)] [ValidateNotNullOrEmpty()] [string]$OutputPath, [string[]]$ExcludeShareName = (Get-FSMDefaultExclusion), [pscredential]$Credential ) $permissions = @(Invoke-FSMRemote -ComputerName $SourceServer -Credential $Credential -ArgumentList (,$ExcludeShareName) -ScriptBlock { param([string[]]$ExcludeShareName) Get-SmbShare | Where-Object { -not $_.Special -and $ExcludeShareName -notcontains $_.Name } | ForEach-Object { $shareName = $_.Name Get-SmbShareAccess -Name $shareName | Select-Object ` @{Name = 'ShareName'; Expression = { $shareName }}, AccountName, AccessControlType, AccessRight } }) $folder = Split-Path -Path $OutputPath -Parent if ($folder -and -not (Test-Path -Path $folder)) { New-Item -Path $folder -ItemType Directory -Force | Out-Null } $permissions | Export-Csv -Path $OutputPath -NoTypeInformation -Encoding UTF8 Write-FSMStatus -Message "Exported $($permissions.Count) permission entry(ies) from $SourceServer to $OutputPath" -Level Success return $permissions } |