Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Configures the folders to have necessary permissions
- # Set the folder path
- # gname, sharedcomputername, and clientname all come from values in previous script
- $Server = $ShareComputerName
- $Share = "d$Tran"+$ClientName
- $FullSharePath = "$Server"+"$Share"
- # Assign the permissions
- net share $gname=$FullSharePath '/Grant:Administrators,FULL' '/Grant:DomainAccount,CHANGE'
- # Setting NTFS directory permissions
- $acl = Get-Acl "\$servernamefolderpath"
- $rule = New-Object System.Security.AccessControl.FileSystemAccessRule("domainuser or usergroup","Modify", "ContainerInherit, ObjectInherit", "None", "Allow")
- $acl.AddAccessRule($rule)
- $rule = New-Object System.Security.AccessControl.FileSystemAccessRule("Users","Modify", "ContainerInherit, ObjectInherit", "None", "Allow")
- $acl.AddAccessRule($rule)
- Set-Acl "\$servernamefolderpath" $acl
- # Configures the folders to have necessary permissions
- # Set the folder path
- $Server = Enter your server name here (ex: \test)
- $Share = Enter the path to the folder here (ex: C:Test)
- # Assign the Share Permissions
- # User Name/Group to give permissions to
- $trustee = ([wmiclass]'Win32_trustee').psbase.CreateInstance()
- $trustee.Domain = "Corp"
- $trustee.Name = "$gname"
- $trustee2 = ([wmiclass]'Win32_trustee').psbase.CreateInstance()
- $trustee2.Domain = "Domain"
- $trustee2.Name = "Domain Admins"
- # Access mask values
- $fullcontrol = 2032127
- $change = 1245631
- $read = 1179785
- # Create access-list
- $ace = ([wmiclass]'Win32_ACE').psbase.CreateInstance()
- $ace.AccessMask = $fullcontrol
- $ace.AceFlags = 3
- $ace.AceType = 0
- $ace.Trustee = $trustee
- $ace2 = ([wmiclass]'Win32_ACE').psbase.CreateInstance()
- $ace2.AccessMask = $fullcontrol
- $ace2.AceFlags = 3
- $ace2.AceType = 0
- $ace2.Trustee = $trustee2
- # Security descriptor containing access
- $sd = ([wmiclass]'Win32_SecurityDescriptor').psbase.CreateInstance()
- $sd.ControlFlags = 4
- $sd.DACL = $ace, $ace2
- $sd.group = $trustee
- $sd.owner = $trustee
- $share = Get-WmiObject Win32_Share -List -ComputerName "$Server"
- $share.create("$Share", "Name of the share", 0, 100, "", "", $sd)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement