How to Find Shared Folders in Active Directory & Locate their Path
Administrators often ask how to find shared folders in the Active Directory environment. This is primarily due to Shared being unable to locate the path on which a Shared folder lies. Moreover, if they plan to move users and computers from one domain to another, they must have a list of all attached resources, which includes the Shared Folders as well. So in this writeup, we give a list of various methods that can help out all admins, regardless of their experience. Starting off with script-based PowerShell commands.
How to Find Shared Folders in Active Directory via PowerShell Scripts?
Shared Folders are located inside organization units. So with little change to our original script to find a computer OU in Active Directory we can complete the necessary task.
# Import the Active Directory module Import-Module ActiveDirectory # Get a list of all computers in the Active Directory $computers = Get-ADComputer -Filter * -Property Name | Select-Object -ExpandProperty Name # Initialize an array to store the results $sharedFolders = @() # Iterate through each computer foreach ($computer in $computers) { try { # Get shared folders on the current computer $shares = Invoke-Command -ComputerName $computer -ScriptBlock { Get-SmbShare } -ErrorAction Stop foreach ($share in $shares) { # Collect relevant information about the shared folder $sharedFolders += [PSCustomObject]@{ ComputerName = $computer ShareName = $share.Name Path = $share.Path Description = $share.Description ScopeName = $share.ScopeName } } } catch { Write-Host "Unable to connect to $computer" -ForegroundColor Red } } # Display the results $sharedFolders | Format-Table -AutoSize
Explanation:
First, we use Import-Module ActiveDirectory to add and use AD-related cmdlets.
Then the Get-ADComputer -Filter * -Property Name | Select-Object -ExpandProperty Name part retrieves all computers present in the Active Directory.
Using the Invoke-Command -ComputerName $computer -ScriptBlock { Get-SmbShare } -ErrorAction Stop: we run the Get-SmbShare cmdlet on each remote computer.
Then, we store the retrieved shared folder information in a custom object array.
With the help of Format-Table -AutoSize we display the results in a tabular manner.
Like wise we have a command line query to list shared folders on any Active Directory computer object.
wmic /node:"<remotePCname>" share get Name,Path,Description
Here, replace the “remotePCname” variable with the one whose data you want to visualize. Remind you that unlike PowerShell, which can be modified to export the results into CSV format, the cmd query lacks any such upgradeability.
If you do not want to use code, then try out the following method instead.
Traditional Approaches to Determine Shared Folder Path in Active Directory
There are two built-in apps that admins can use for this task. However, as Shared folders cannot exist independently many times admins have to first get the AD computer account password expiration date to ensure that the computer in which they are about to look is still active.
We provide you the instructions to use both one by one. First up we have ADUC
- Open Active Directory Users and Computers snap-in.
- From the top toolbar, click on the object search icon.
- In the Find dialog box, choose the Shared Folders option.
- Click on Find Now.
You are going to find the required options in the search results section.
As these results cannot be copied and pasted, administrators may prefer the second option which is the Administrative Center. To use it here are the guidelines.
- Go to ADAC
- Click on Global Search
- Toggle LDAP option
- Put (objectCategory=Volume) > Hit Apply
- Select the Results and Copy then Paste them into any Spreadsheet application.
Other than these obvious methods described earlier, there is yet another Active Directory functionality that can help you determine the Shared Folder path. It is the Event Viewer.
Using Event Viewer to Find a Shared Folder in an AD
As Shared folder creation is a distinction security event, windows machines assign a unique Event ID to this process. So to check when and where a Shared folder is located, open an Event Viewer instance with the help of the following steps.
- Press Windows + R simultaneously.
- Type ”eventvwr.msc” in the Run dialog box.
- Then, expand Windows logs and go to the Security tab.
- Search for the ID 5142.
This appears on the logs every time a new network share object is added in the AD. The object name, along with the shared path, is viewable for all computers that have OS versions 7 and later. However, administrators also need to ensure that the Active Directory is present on Windows Server 2008 R2 or later.
Each new shared folder creation event has its own separate ID. Therefore, the admin may have to spend a lot of time if they take the event viewer route. A smarter way would be to take help from a utility that can not only display all events at once but also allow admins to export the said report.
Why and How to Use Automated Share Folder Location Reporter
Due to their multi-accessible nature, sometimes even experienced admins need help finding the exact location of a Shared Folder. Moreover, these folders are often kept in a hierarchical arrangement, which increases the difficulty of this operation. So much so that even a simple resource listing operation can take hours to complete.
Therefore, an easy way out is to rely on the automated SysTools Active Directory Reporting tool. This utility comes with specialized filters that can display all Shared Folders along with their host OU in just a few clicks. Using the date picker admins can further tone down their search results and export the list into a CSV format. Here is a list of steps that you can use to find the Shared Folder source path.
- Launch the tool, let the default (administrator) credentials fill in, then log in.
- Use the REGISTER DOMAIN CONTROLLER option to add your domain.
- Put in a suitable name and the exact IP address of the Active Directory.
- Go to the Domain Details Page and validate the admin credentials.
- Toggle the Reports tab > Scroll to Shared Folders > Select All.
- Click on Preview to get an early vision of Shared Folder paths.
- Click on Download and choose CSV > Save the result on your workstation.
Best Practices for Shared Folder Management in Active Directory
Organize Shared Folders
Keep Shared Folders in a manageable structure. Ensure that the name fits the content. All this helps during the Active Directory attribute audit scenarios.
Schedule Regular Audits
Admins should trust but verify by carrying out regular unannounced checkers to see if the predefined folder management rules are being followed or not.
Implement Security Measures
Shared folders are the most vulnerable to unauthorized access. Therefore, security becomes an even greater concern. Combine group policies and access control lists (ACLs) to protect sensitive data within shared folders.
Conclusion
So in this writeup, we explained how to find shared folders in Active Directory in a multitude of ways. From PowerShell scripts to traditional AD interfaces, administrators have many direct options to locate the network folder path. However, each of the manual methods contains one problem or another. Therefore, it is better to use an automated utility that does away with all manual limitations in one go.