Posted On August 5, 2021

PowerShell: Create and Edit SMB Shares

kimconnect 0 comments
blog.KimConnect.com >> Codes >> PowerShell: Create and Edit SMB Shares
# Create SMB Share
$sharePath='C:\testshare'
$accessList="$env:USERDOMAIN\Domain Admins","NT AUTHORITY\Authenticated Users"
$shareName=split-path $sharePath -leaf
mkdir $sharePath
New-SmbShare -Name $shareName -Path $sharePath -FullAccess $accessList

# Check SMB Acccesses
[SMBSERVER]: PS C:\Users\kimconnect\Documents> Get-SmbShareAccess $shareName
Name          ScopeName AccountName                      AccessControlType AccessRight
----          --------- -----------                      ----------------- -----------
testshare *         KIMCONNECT\Domain Admins         Allow             Full
testshare *         NT AUTHORITY\Authenticated Users Allow             Full

# Add Share Permissions
$grantPrinciple="$env:USERDOMAIN\Domain Admins"
Grant-SmbShareAccess -Name $shareName -AccountName $grantPrinciple -AccessRight Full -Force

# Remove Share Permissions
$removePrinciple="NT AUTHORITY\Authenticated Users"
Revoke-SmbShareAccess -Name $shareName -AccountName $removePrinciple -Force

# Clone NTFS Access Control List (ACL)
# Warning: only do this to a new clone-to directory as misuse can cause permission problems
$cloneAclFrom='C:\originalshare'
$cloneAclTo=$sharePath
get-acl $cloneAclFrom|set-acl $cloneAclTo

# Check NTFS Permissions:
[SMBSERVER]: PS C:\Users\kimconnect\Documents> (get-acl c:\testshare).AccessToString
Everyone Allow  ReadAndExecute, Synchronize
CREATOR OWNER Allow  FullControl
NT AUTHORITY\SYSTEM Allow  FullControl
BUILTIN\Administrators Allow  FullControl
KIMCONNECt\TestAdmin Allow  FullControl

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Sample Forth Shift Script

REM Daily Batch for Fourth Shiftrem E:\FShift\cabsauto\timeout 14400rem E:\FShift\cabsauto\timeout 7200rem E:\FShift\cabsauto\timeout 7200rem E:\FShift\cabsauto\timeout 7200rem E:\FShift\cabsauto\timeout…

PowerShell: Check Active Directory Username Collisions

$originalCsvFile='C:\Users\rambo\Desktop\Usernames.csv' $newCsvFile='C:\Users\rambo\Desktop\Usernames-processed.csv' function checkUsernameCollisions($originalCsv,$newCsv){ $csvContents=import-csv $originalCsv write-host "Pulling existing records from Active Directory of $env:USERDNSDOMAIN..."…

PowerShell: Add Accounts into Local Administrators Group

# addAccountToLocalAdmins.ps1# Requires: PowerShell Version 4.0+$accountToAdd='ServerAdmins'$groupName="Administrators"$servers=@( "CONCU1", 'CONCU2', 'CONCU100', 'CONCU80665', 'CONCU6547354', 'CONWHAT989', 'CONCU3')$servers|%{ $session=new-pssession $_…