PowerShell
Edit|Remove
<# 
     .Description 
          NAME:  
          AUTHOR: James Vierra , Designed Systems & Services 
          DATE  : 3/13/2009 
          COMMENT:  
                    09/15/2011 - Converted to PowerShell V2 
                    06/16/2014 - Add remote computer capability 
#> 
#requires -version 2.0 
[CmdLetBinding()] 
param( 
     [string]$name, 
     [string]$path, 
     [string]$computer=$env:COMPUTERNAME, 
     [string]$description = "", 
     [System.Security.Principal.NTAccount]$account="$($env:userdomain)\$($env:username)", 
     [System.Security.AccessControl.FileSystemRights]$rights='Read', 
     [int]$maxallowed = $null 
) 
 
function Create-WMITrustee([string]$NTAccount){ 
 
    $user = New-Object System.Security.Principal.NTAccount($NTAccount) 
    $strSID = $user.Translate([System.Security.Principal.SecurityIdentifier]) 
    $sid = New-Object security.principal.securityidentifier($strSID)  
    [byte[]]$ba = ,0 * $sid.BinaryLength      
    [void]$sid.GetBinaryForm($ba,0)  
     
    $Trustee = ([WMIClass] "Win32_Trustee").CreateInstance()  
    $Trustee.SID = $ba 
    $Trustee 
     
} 
 
 
function Create-WMIAce{ 
     param( 
          [string]$account, 
          [System.Security.AccessControl.FileSystemRights]$rights 
     ) 
    $trustee = Create-WMITrustee $account 
    $ace = ([WMIClass] "Win32_ace").CreateInstance()  
    $ace.AccessMask = $rights  
    $ace.AceFlags = 0 # set inheritances and propagation flags 
    $ace.AceType = 0 # set SystemAudit  
    $ace.Trustee = $trustee  
    $ace 
} 
 
Write-Verbose "Using WMI to create a new Security Descriptor" 
$sd = ([WMIClass] "Win32_SecurityDescriptor").CreateInstance() 
 
Write-Verbose "Create new ACE" 
$ace=Create-WMIAce $account $rights 
 
Write-Verbose "Add Ace to DACL" 
$sd.DACL += @($ace.psobject.baseobject) # append 
$sd.ControlFlags="0x4" # set SE_DACL_PRESENT flag  
 
$share = [wmiclass]"\\$computer\root\CimV2:Win32_Share" 
Write-Verbose 'Calling WMI to Create share.' 
$result=$share.Create( $path$name, 0, $maxallowed,$description,$null,$sd ) 
if($result.returnValue -ne 0){ 
     Write-Host "Create share failed with returnValue=$($result.returnValue)" -ForegroundColor red -BackgroundColor white 
     return  
} 
 
 
 
 
 

Add a new share using PowerShell and WMI.  Also initially sets the share security.  The default is to set the share to "Read" and to the current user.

 

This code was migrated from PowerShell V1 version as an Advanced Function/Script.  It supports -verbose and -debug as well as help.

I am posting it as a template for others to expand on and customize. I will be updating this as I test it on more systems and add more error handling.

PowerShell
Edit|Remove
<# 
     .Description 
          NAME:  
          AUTHOR: James Vierra , Designed Systems & Services 
          DATE  : 3/13/2009 
          COMMENT:  
                    09/15/2011 - Converted to PowerShell V2 
#> 
#requires -version 2.0 
[CmdLetBinding()] 
param( 
     [string]$name, 
     [string]$path, 
     [string]$description = "", 
     [System.Security.Principal.NTAccount]$account="$($env:userdomain)\$($env:username)", 
     [System.Security.AccessControl.FileSystemRights]$rights='Read', 
     [string]$maxallowed = $null 
) 
 
function Create-WMITrustee([string]$NTAccount){ 
 
    $user = New-Object System.Security.Principal.NTAccount($NTAccount) 
    $strSID = $user.Translate([System.Security.Principal.SecurityIdentifier]) 
    $sid = New-Object security.principal.securityidentifier($strSID)  
    [byte[]]$ba = ,0 * $sid.BinaryLength      
    [void]$sid.GetBinaryForm($ba,0)  
     
    $Trustee = ([WMIClass] "Win32_Trustee").CreateInstance()  
    $Trustee.SID = $ba 
    $Trustee 
     
} 
 
 
function Create-WMIAce{ 
     param( 
          [string]$account, 
          [System.Security.AccessControl.FileSystemRights]$rights 
     ) 
    $trustee = Create-WMITrustee $account 
    $ace = ([WMIClass] "Win32_ace").CreateInstance()  
    $ace.AccessMask = $rights  
    $ace.AceFlags = 0 # set inheritances and propagation flags 
    $ace.AceType = 0 # set SystemAudit  
    $ace.Trustee = $trustee  
    $ace 
} 
 
Write-Verbose "Using WMI to create a new Security Descriptor" 
$sd = ([WMIClass] "Win32_SecurityDescriptor").CreateInstance() 
 
Write-Verbose "Create new ACE" 
$ace=Create-WMIAce $account $rights 
 
Write-Verbose "Add Ace to DACL" 
$sd.DACL += @($ace.psobject.baseobject) # append 
$sd.ControlFlags="0x4" # set SE_DACL_PRESENT flag  
 
$share = [wmiclass]"Win32_Share" 
Write-Verbose "Calling WMI to Create share." 
$result=$share.Create( $path$name, 0, $maxallowed,$description,$null,$sd ) 
if($result.returnValue -ne 0){ 
     Write-Host "Create share failed with returnValue=$($result.returnValue)" -ForegroundColor red -BackgroundColor white 
     return  
}