I have a script that properly sets up a new share on a Windows 2012 server, but it will not work for our Windows 2003 server.
Is there something that I am overlooking?
#AccessMasks:#2032127 = Full Control
#1245631 = Change
#1179817 = Read
#Defining Folder Share Permissions
$trustee = ([wmiclass]"Win32_trustee").psbase.CreateInstance()
$trustee.Domain = $domain
$trustee.Name = "administrator"
$ace = ([wmiclass]"Win32_ACE").psbase.CreateInstance()
$ace.AccessMask = 2032127
$ace.AceFlags = 3
$ace.AceType = 0
$ace.Trustee = $trustee
$trustee2 = ([wmiclass]"Win32_trustee").psbase.CreateInstance()
$trustee2.Domain = "BUILTIN" #Or domain name
$trustee2.Name = "Administrators"
$ace2 = ([wmiclass]"Win32_ACE").psbase.CreateInstance()
$ace2.AccessMask = 2032127
$ace2.AceFlags = 3
$ace2.AceType = 0
$ace2.Trustee = $trustee2
$trustee3 = ([wmiclass]"Win32_trustee").psbase.CreateInstance()
$trustee3.Domain = $domain
$trustee3.Name = $newSAM
$ace3 = ([wmiclass]"Win32_ACE").psbase.CreateInstance()
$ace3.AccessMask = 2032127
$ace3.AceFlags = 3
$ace3.AceType = 0
$ace3.Trustee = $trustee3
$sd = ([wmiclass]"Win32_SecurityDescriptor").psbase.CreateInstance()
$sd.ControlFlags = 4
$sd.DACL = [System.Management.ManagementBaseObject[]] ($ace, $ace3)
$sd.group = $trustee2
$sd.owner = $trustee2
#Creating the Folder Share
$finalResult = Invoke-WmiMethod -Class win32_share -name Create -ArgumentList @($sd, "", 100, $shareName, "", "$folderName\$newSAM", 0) -computername $serverName -EnableAllPrivileges
On the Windows 2012 server, this creates the share with the administrator and the user having proper access, but on the Windows 2003 server, all it gives is the standard 'Everyone' user with 'Full Control'