I’ve had a bit of a battle getting PowerShell to work on creating remote shares with the permissions I want. I think I have it working now in a fairly minimalist fashion.
#create a share using WMI and PowerShell
#
#5/14/2012 - By Trentent Tye
#
#To create a share with PowerShell utilizing WMI (so you don't need
#to use PSRemoting) you need to do the following:
#1) Create the Win32_Share class
#2) Create the Security Descriptor for the share
#3) Create the ACE for the share
#4) Create the Trustee fo rthe ACE
#5) Set all the variables
#6) Create the share.
#
#The next lines sets a computer (%cn%) to "EVERYONE FULL CONTROL" on the
#share "HomeDirs"
$cshare = [WMIClass]"\\%cn%\root\cimv2:Win32_Share"
$securityDescriptor = ([WMIClass] "\\%cn%\root\cimv2:Win32_SecurityDescriptor").CreateInstance()
$ACE = ([WMIClass] "\\%cn%\root\cimv2:Win32_ACE").CreateInstance()
$Trustee = ([WMIClass] "\\%cn%\root\cimv2:Win32_Trustee").CreateInstance()
$Trustee.Name = "EVERYONE"
$Trustee.Domain = $Null
$Trustee.SID = @(1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0)
$ace.AccessMask = 2032127
$ace.AceFlags = 3
$ace.AceType = 0
$ACE.Trustee = $Trustee
$securityDescriptor.DACL += $ACE.psObject.baseobject
#trying to create share... variables are:
#,,,(if $Null set to maximum allowed),,,
$result = $cshare.create("%homeDrive%:\homedirs","homedirs",0,$Null,"Home Directory Share",$Null,$securityDescriptor)
}
Enjoy!