I have a simple PowerShell command that can share a folder:
$(Get-WMIObject Win32_Share -List).Create("C:\MyPath\WebData", "WebData", 0)
But that creates it with "Everyone" having read-only access.
How do I create it with everyone having full access? Or any other access, for that matter.
I can't work out how to use the Win32_SecurityDescriptor parameter on the WMI Share Create method.
The examples I have found so far only affect the file permissions (Get-ACL, Set-ACL, etc), which is not the problem I have, or they use command-line commands or vba, which I also want to avoid. This must be possible in PS.
I cannot use PowerShell 3 here, so the new New-SMBShare and related methods are not available.
thanks,
I've answered a similar question before:
Powershell - Invoke-WmiMethod to create a Sharefolder remotely with full controle permission
To make the rule apply for Everyone then it seems you need to modify it with:
$trustee.Name = "EVERYONE"
$trustee.Domain = $Null
Tested sample:
#Username/Group to give permissions to
$trustee = ([wmiclass]'Win32_trustee').psbase.CreateInstance()
$trustee.Domain = $null
$trustee.Name = "EVERYONE"
#Accessmask values
$fullcontrol = 2032127
$change = 1245631
$read = 1179785
#Create access-list
$ace = ([wmiclass]'Win32_ACE').psbase.CreateInstance()
$ace.AccessMask = $fullcontrol
$ace.AceFlags = 3
$ace.AceType = 0
$ace.Trustee = $trustee
#Securitydescriptor containting access
$sd = ([wmiclass]'Win32_SecurityDescriptor').psbase.CreateInstance()
$sd.ControlFlags = 4
$sd.DACL = $ace
$sd.group = $trustee
$sd.owner = $trustee
$share = Get-WmiObject Win32_Share -List
$share.create("d:\testfolder", "testshare$", 0, 100, "Description", "", $sd)