SMB Analyzer Tool
<# .SYNOPSIS SMB Analyzer Tool .DESCRIPTION This script analyzes SMB configurations, shares, and potential issues across servers in your network. .NOTES File Name : SMBAnalyzer.ps1 Author : [Your Name] Prerequisite : PowerShell V5.1 or later, appropriate admin permissions Version : 1.0 Date : [Current Date] .EXAMPLE .\SMBAnalyzer.ps1 #> # Global variables $global:reportPath = "$env:USERPROFILE\Desktop\SMB_Analysis_Report_$(Get-Date -Format 'yyyyMMdd_HHmmss').html" <# .SYNOPSIS Displays the main menu of the tool. #> function Show-Menu { Clear-Host Write-Host "=== SMB Analyzer Tool ===" -ForegroundColor Cyan Write-Host "1. Analyze SMB Shares" Write-Host "2. Check SMB Protocol Versions" Write-Host "3. Analyze SMB Security Settings" Write-Host "4. Check SMB Performance Counters" Write-Host "5. Analyze SMB Encryption Status" Write-Host "6. Check SMB Signing Configuration" Write-Host "7. Analyze SMB Client Connections" Write-Host "8. Generate Comprehensive HTML Report" Write-Host "9. Exit" } <# .SYNOPSIS Gets a list of servers to analyze. .OUTPUTS Array of server names. #> function Get-TargetServers { $option = Read-Host "Analyze (A)ll domain servers, (S)pecific servers, or (F)ile input? (A/S/F)" switch ($option.ToUpper()) { "A" { return (Get-ADComputer -Filter {OperatingSystem -like "*Server*"} | Select-Object -ExpandProperty Name) } "S" { $servers = @() do { $server = Read-Host "Enter server name (or press Enter to finish)" if ($server -ne "") { $servers += $server } } while ($server -ne "") return $servers } "F" { $filePath = Read-Host "Enter the path to the file containing server names" return (Get-Content $filePath) } default { Write-Host "Invalid option. Defaulting to all domain servers." -ForegroundColor Yellow return (Get-ADComputer -Filter {OperatingSystem -like "*Server*"} | Select-Object -ExpandProperty Name) } } } <# .SYNOPSIS Analyzes SMB shares on target servers. .PARAMETER Servers Array of server names to analyze. .OUTPUTS Array of PSObjects containing SMB share details. #> function Analyze-SMBShares { param([string[]]$Servers) Write-Host "`nAnalyzing SMB Shares..." -ForegroundColor Yellow $shareResults = @() foreach ($server in $Servers) { try { $shares = Get-SmbShare -CimSession $server -ErrorAction Stop foreach ($share in $shares) { $shareResults += [PSCustomObject]@{ Server = $server ShareName = $share.Name Path = $share.Path Description = $share.Description AccessBasedEnumerationEnabled = $share.FolderEnumerationMode } } } catch { Write-Host "Error analyzing shares on $server : $_" -ForegroundColor Red } } $shareResults | Format-Table -AutoSize return $shareResults } <# .SYNOPSIS Checks SMB protocol versions on target servers. .PARAMETER Servers Array of server names to analyze. .OUTPUTS Array of PSObjects containing SMB protocol version details. #> function Check-SMBProtocolVersions { param([string[]]$Servers) Write-Host "`nChecking SMB Protocol Versions..." -ForegroundColor Yellow $protocolResults = @() foreach ($server in $Servers) { try { $smbServer = Get-SmbServerConfiguration -CimSession $server -ErrorAction Stop $protocolResults += [PSCustomObject]@{ Server = $server EnableSMB1Protocol = $smbServer.EnableSMB1Protocol EnableSMB2Protocol = $smbServer.EnableSMB2Protocol } } catch { Write-Host "Error checking SMB protocol versions on $server : $_" -ForegroundColor Red } } $protocolResults | Format-Table -AutoSize return $protocolResults } <# .SYNOPSIS Analyzes SMB security settings on target servers. .PARAMETER Servers Array of server names to analyze. .OUTPUTS Array of PSObjects containing SMB security setting details. #> function Analyze-SMBSecuritySettings { param([string[]]$Servers) Write-Host "`nAnalyzing SMB Security Settings..." -ForegroundColor Yellow $securityResults = @() foreach ($server in $Servers) { try { $smbServer = Get-SmbServerConfiguration -CimSession $server -ErrorAction Stop $securityResults += [PSCustomObject]@{ Server = $server RequireSecuritySignature = $smbServer.RequireSecuritySignature EncryptData = $smbServer.EncryptData EnableAuthenticateUserSharing = $smbServer.EnableAuthenticateUserSharing EnableSecuritySignature = $smbServer.EnableSecuritySignature } } catch { Write-Host "Error analyzing SMB security settings on $server : $_" -ForegroundColor Red } } $securityResults | Format-Table -AutoSize return $securityResults } <# .SYNOPSIS Checks SMB performance counters on target servers. .PARAMETER Servers Array of server names to analyze. .OUTPUTS Array of PSObjects containing SMB performance counter details. #> function Check-SMBPerformanceCounters { param([string[]]$Servers) Write-Host "`nChecking SMB Performance Counters..." -ForegroundColor Yellow $performanceResults = @() foreach ($server in $Servers) { try { $counters = Get-Counter -ComputerName $server -Counter @( "\SMB Server\Data Bytes/sec", "\SMB Server\Read Bytes/sec", "\SMB Server\Write Bytes/sec" ) -ErrorAction Stop $performanceResults += [PSCustomObject]@{ Server = $server DataBytesPerSec = $counters.CounterSamples[0].CookedValue ReadBytesPerSec = $counters.CounterSamples[1].CookedValue WriteBytesPerSec = $counters.CounterSamples[2].CookedValue } } catch { Write-Host "Error checking SMB performance counters on $server : $_" -ForegroundColor Red } } $performanceResults | Format-Table -AutoSize return $performanceResults } <# .SYNOPSIS Analyzes SMB encryption status on target servers. .PARAMETER Servers Array of server names to analyze. .OUTPUTS Array of PSObjects containing SMB encryption status details. #> function Analyze-SMBEncryptionStatus { param([string[]]$Servers) Write-Host "`nAnalyzing SMB Encryption Status..." -ForegroundColor Yellow $encryptionResults = @() foreach ($server in $Servers) { try { $smbServer = Get-SmbServerConfiguration -CimSession $server -ErrorAction Stop $encryptionResults += [PSCustomObject]@{ Server = $server EncryptData = $smbServer.EncryptData RejectUnencryptedAccess = $smbServer.RejectUnencryptedAccess } } catch { Write-Host "Error analyzing SMB encryption status on $server : $_" -ForegroundColor Red } } $encryptionResults | Format-Table -AutoSize return $encryptionResults } <# .SYNOPSIS Checks SMB signing configuration on target servers. .PARAMETER Servers Array of server names to analyze. .OUTPUTS Array of PSObjects containing SMB signing configuration details. #> function Check-SMBSigningConfiguration { param([string[]]$Servers) Write-Host "`nChecking SMB Signing Configuration..." -ForegroundColor Yellow $signingResults = @() foreach ($server in $Servers) { try { $smbServer = Get-SmbServerConfiguration -CimSession $server -ErrorAction Stop $signingResults += [PSCustomObject]@{ Server = $server RequireSecuritySignature = $smbServer.RequireSecuritySignature EnableSecuritySignature = $smbServer.EnableSecuritySignature } } catch { Write-Host "Error checking SMB signing configuration on $server : $_" -ForegroundColor Red } } $signingResults | Format-Table -AutoSize return $signingResults } <# .SYNOPSIS Analyzes SMB client connections on target servers. .PARAMETER Servers Array of server names to analyze. .OUTPUTS Array of PSObjects containing SMB client connection details. #> function Analyze-SMBClientConnections { param([string[]]$Servers) Write-Host "`nAnalyzing SMB Client Connections..." -ForegroundColor Yellow $connectionResults = @() foreach ($server in $Servers) { try { $connections = Get-SmbConnection -CimSession $server -ErrorAction Stop foreach ($connection in $connections) { $connectionResults += [PSCustomObject]@{ Server = $server ClientComputerName = $connection.ClientComputerName ShareName = $connection.ShareName Dialect = $connection.Dialect NumOpens = $connection.NumOpens } } } catch { Write-Host "Error analyzing SMB client connections on $server : $_" -ForegroundColor Red } } $connectionResults | Format-Table -AutoSize return $connectionResults } <# .SYNOPSIS Generates a comprehensive HTML report of all analyses. .PARAMETER AllResults Hashtable containing all analysis results. .OUTPUTS Saves an HTML report to the desktop. #> function Generate-HTMLReport { param([hashtable]$AllResults) Write-Host "`nGenerating Comprehensive HTML Report..." -ForegroundColor Yellow $reportContent = @" <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>SMB Analysis Report</title> <style> body { font-family: Arial, sans-serif; line-height: 1.6; color: #333; max-width: 1200px; margin: 0 auto; padding: 20px; } h1, h2, h3 { color: #0078D4; } table { border-collapse: collapse; width: 100%; margin-bottom: 20px; } th, td { border: 1px solid #ddd; padding: 8px; text-align: left; } th { background-color: #f2f2f2; } </style> </head> <body> <h1>SMB Analysis Report</h1> <p>Generated on: $(Get-Date)</p> <h2>SMB Shares</h2> $($AllResults.SMBShares | ConvertTo-Html -Fragment) <h2>SMB Protocol Versions</h2> $($AllResults.ProtocolVersions | ConvertTo-Html -Fragment) <h2>SMB Security Settings</h2> $($AllResults.SecuritySettings | ConvertTo-Html -Fragment) <h2>SMB Performance Counters</h2> $($AllResults.PerformanceCounters | ConvertTo-Html -Fragment) <h2>SMB Encryption Status</h2> $($AllResults.EncryptionStatus | ConvertTo-Html -Fragment) <h2>SMB Signing Configuration</h2> $($AllResults.SigningConfiguration | ConvertTo-Html -Fragment) <h2>SMB Client Connections</h2> $($AllResults.ClientConnections | ConvertTo-Html -Fragment) </body> </html> "@ $reportContent | Out-File -FilePath $global:reportPath Write-Host "Report generated and saved to: $global:reportPath" -ForegroundColor Green } # Main program loop $targetServers = Get-TargetServers $allResults = @{} do { Show-Menu $choice = Read-Host "`nEnter your choice (1-9)" switch ($choice) { "1" { $allResults.SMBShares = Analyze-SMBShares -Servers $targetServers } "2" { $allResults.ProtocolVersions = Check-SMBProtocolVersions -Servers $targetServers } "3" { $allResults.SecuritySettings = Analyze-SMBSecuritySettings -Servers $targetServers } "4" { $allResults.PerformanceCounters = Check-SMBPerformanceCounters -Servers $targetServers } "5" { $allResults.EncryptionStatus = Analyze-SMBEncryptionStatus -Servers $targetServers } "6" { $allResults.SigningConfiguration = Check-SMBSigningConfiguration -Servers $targetServers } "7" { $allResults.ClientConnections = Analyze-SMBClientConnections -Servers $targetServers } "8" { Generate-HTMLReport -AllResults $allResults } "9" { Write-Host "Exiting program..." -ForegroundColor Yellow; break } default { Write-Host "Invalid choice. Please try again." -ForegroundColor Red } } if ($choice -ne "9") { Read-Host "`nPress Enter to continue..." } } while ($choice -ne "9")
This SMB Analyzer Tool includes:
- A menu-driven interface for easy navigation.
- Functions to analyze various aspects of SMB:
- SMB Shares analysis
- SMB Protocol Versions check
- SMB Security Settings analysis
- SMB Performance Counters check
- SMB Encryption Status analysis
- SMB Signing Configuration check
- SMB Client Connections analysis
- Flexible server selection (all domain servers, specific servers, or from a file).
- Comprehensive error handling for each analysis function.
- A function to generate an HTML report of all collected data.
Key features:
- Detailed analysis of SMB shares across multiple servers
- Checking of SMB protocol versions in use
- Review of SMB security settings and configurations
- Performance analysis using SMB-related counters
- Encryption and signing configuration checks
- Analysis of current SMB client connections
- HTML report generation for easy sharing and viewing of results
This tool is particularly useful for:
- System administrators managing file servers
- Network administrators troubleshooting SMB-related issues
- Security professionals auditing SMB configurations
- IT professionals performing server health checks
To use this script effectively:
- Run PowerShell as an administrator
- Ensure you have the necessary permissions to query the target servers
- Have the required PowerShell modules available (like ActiveDirectory if querying domain servers)
This script provides a comprehensive overview of SMB configurations and potential issues across multiple servers in your network. It can significantly streamline the process of auditing and maintaining SMB services, enhancing both performance and security aspects of file sharing in your environment.