Microsoft Virtualization Discussions

Creating a Share and Setting permissions on it


I need to run a PowerShell script on windows server 2008 R2 to create user shares on NetApp and set permissions on them.

What is the easiest way to do that?

Thank you



I'm working on the same thing. I've got a script that does it, however it takes 3 text files per share to do it. You also need a master "shares.txt' file that is nothing but a list of the shares you are trying to create.

First thing is to create a text file with the share names. Then you create 3 text files for each sheare. One that has a list of users that need full control, one for Change, and one for Read only. These lists of users need to be in the following format;

Domain\username or Domain\groupname.

Best thing is to have all of the text files together, but is not a requirement.

Here is the script.

$servershares = (Get-Content c:\scripts\TEST\shares.txt)
$vp = '/vol/Volumename/directory_or_qtreename'  (The Volume path on the Netapp)

#This creates the directory and sets the permissions to Everyone full control

foreach ($share in $servershares) {
New-NaDirectory -path $VP/$share -Permission 777

#This creates the Share on that NEW directory. It also sets the permissions to everyone Full control.
Add-NaCifsShare $share -path $VP/$share -Comment 'Powershell test'

#This re-sets the permissions on the Share (not NTFS permissions) to specified groupsor users based on the text files.

$ShareF = (get-content c:\scripts\TEST\"$share"F.txt)
    Foreach ($fcu in $ShareF) {
    Set-NaCifsShareAcl $share $fcu "Full Control"

$ShareC = (get-content c:\scripts\TEST\"$share"C.txt)
    Foreach ($ccu in $ShareC) {
    Set-NaCifsShareAcl $share $ccu "Change"

$ShareR = (get-content c:\scripts\TEST\"$share"R.txt)
    Foreach ($rcu in $ShareR) {
    Set-NaCifsShareAcl $share $rcu "Read"

I know it's a bit clunky and it requires a lot of prepwork in getting the txt files set-up. I also need to figure out a way to get it to work on sub-directories, but it is a start.


You could put the single character permission type in one text file as an additional field and read that in as well.  Then add If statements to control the permission type on the Set line based on that single value in the only file.