The SysInternals ShareEnum.exe program relies on the NETBIOS browser list and chokes in very large domains. I wanted a program which let me to audit share permissions with greater flexiblity.
ShareEnum.wsf is an alternative to ShareEnum.exe. It relies on WMI to enumerate share permissions. The WMI share security decoding was written by Chris Wolf and found in a 2006 article at redmondmag.com.
The script can read your list from Active Directory, and it can also process a list of files. It ignores admin shares, and optionally ingnores print$ shares. I recommend that you run it with elevated rights from an administrator’s workstation with Excel installed. If Excel is installed, it will write the report to an XLS file. If Excel is not installed, it will write to a tab delimited text file. If you choose a single computer, the information will be written to an IE based display window.
The WSF file is an interesting format, as it permits you to have multiple “job” files. I use it here to separate the front end from the working code. Rename the file from ShareEnum_wsf.txt to ShareEnum.wsf.