Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
767 views
in Technique[技术] by (71.8m points)

wmi - Powershell - Invoke-WmiMethod to create a Sharefolder remotely with full controle permission

I've been using this script to create my users folders but I just find that the remote share folder is created with ReadOnly share.

My question is how can I create the share folder with $domainnamedomain users with full control?

Invoke-WmiMethod -Class win32_share -name Create -ArgumentList `
 @($null,"",100,"hideshare$","",e:usershideshare,0) -computername "DestinationSRV"

I've found many threads with answers but not with the method I use.

Any ideas?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Try:

#Username/Group to give permissions to
$trustee = ([wmiclass]'Win32_trustee').psbase.CreateInstance()
$trustee.Domain = "domainname"
$trustee.Name = "username or groupname"

#Accessmask values
$fullcontrol = 2032127
$change = 1245631
$read = 1179785

#Create access-list
$ace = ([wmiclass]'Win32_ACE').psbase.CreateInstance()
$ace.AccessMask = $fullcontrol
$ace.AceFlags = 3
$ace.AceType = 0
$ace.Trustee = $trustee

#Securitydescriptor containting access
$sd = ([wmiclass]'Win32_SecurityDescriptor').psbase.CreateInstance()
$sd.ControlFlags = 4
$sd.DACL = $ace
$sd.group = $trustee
$sd.owner = $trustee

$share = Get-WmiObject Win32_Share -List -ComputerName "DestinationSRV"
$share.create("e:usershideshare", "hideshare$", 0, 100, "Description", "", $sd)

The security for this share will only allow the specified username. You need to modify this(add multiple ace's) to add different groups, add everyone etc..

Source for access-part


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...