Delegation of services

I am having some issues with delegation. Hoping someone may have run into something similar.
If I execute this command locally on a machine, it works fine.

Test-Path "\\srvr\share" -PathType Container

The path can be a variable because I am trying to configure things from a remote workstation and I am reading values from a configuration file, so I set things up like this (assume the first two variables come from the config file):

$hostpath = "\\srvr\share"
$hostname = "host1"
$hostcreds = Get-Credential
$hostsession = New-PSSession -ComputerName $hostname -Credential $hostcreds -Name $hostname
Invoke-Command -Session $hostSession {param($tmp1) Test-Path $tmp1 -PathType Container} -ArgumentList $hostPath

I receive an "Access is denied" error on the Invoke-Command.  Full error is:
Access is denied
    + CategoryInfo          : NotSpecified: (:) [Test-Path], UnauthorizedAccessException
    + FullyQualifiedErrorId : System.UnauthorizedAccessException,Microsoft.PowerShell.Commands.TestPathCommand
    + PSComputerName        : Host1

I can go into Active Directory and change the delegation on the $hostname computer to "Trust this computer for delegation to any service (Kerberos only)", and it works.  But I would rather constrain the delegation to an individual service or two, if at all possible.  So, I tried selecting "Trust this computer for delegation to specified services only - Use Kerberos only" and selected all the possible options.  I received the "Access is denied" error.  So there is obviously some difference between trusting any service and selecting all listed services.  BTW, right now I am running everything from "host1" so I am creating a PSsession from/to the same host, but the share is on a different host.  So I ensured when I selected services to delegate, I selected them from both the host1 and srvr computers.  No matter what combination, I get Access denied.

So I figured I would take a different tack.  I changed the Invoke-Command to execute against a -Computer instead of a -Session.

Invoke-Command -ComputerName $hostname {param($tmp1) Test-Path $tmp1 -PathType Container} -Credential $hostCreds -ArgumentList $hostpath

I found out that if $hostpath references a local directory (C:\temp), this command works fine.  But if it references a file share, I get the Access is denied.  Both local directory and shares are valid values, so I can't use this option.
So, I'm wondering if there is another way I can try configuring the Invoke-Command to get this to work against a file share.

Secondly, if all else fails, I did find this in my searching for an answer.  I found a link in this forum that pointed to the Group Policy forum.  It included a script segment.

Set objComputer = GetObject("LDAP://CN=CLIENTNAME,OU=OUNAME,DC=DOMAINNAME,DC=com")
objComputer.Put "userAccountControl", "528384"
objComputer.SetInfo

This script supposedly forces the computer into the trust for any service mode.  But I don't know how to translate it into PowerShell.  If I had that in PowerShell, I suppose I could save the initial setting, reset it for my script, and then reset it upon completion so I would not leave the computer in a fully delegated mode.

Thanks for the ins

September 4th, 2015 6:14pm

You cannot use UNC paths in a remote session.

September 4th, 2015 6:59pm

Well, as noted above, it works if I change the delegation setting on the node that has the remote session established.  When I set the delegation on Host1 to "Trust this computer for delegation to any service (Kerberos only)", it works with a UNC.  I just don't like permanently opening a computer to that level for security reasons.

But, if I can't get it more refined than that, could you point me to a reference for converting this script into PowerShell?

Set objComputer = GetObject("LDAP://CN=CLIENTNAME,OU=OUNAME,DC=DOMAINNAME,DC=com")
objComputer.Put "userAccountControl", "528384"
objComputer.SetInfo

That would at least allow me to set the computer for delegation and get it to work by temporarily setting the delegation mode for the duration of the script.

September 4th, 2015 7:12pm

Set-ADComputer ws702 -TrustedForDelegation $true
Set-ADComputer ws702 -TrustedForDelegation $false

September 4th, 2015 7:24pm
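
The save-and-restore idea from the posts above, as an added example that is not part of the original thread. The value 528384 is 0x81000, that is WORKSTATION_TRUST_ACCOUNT (0x1000) plus TRUSTED_FOR_DELEGATION (0x80000), so the VBScript replaces the whole userAccountControl value, while Set-ADComputer -TrustedForDelegation toggles that one flag. The function names are hypothetical; the code assumes the ActiveDirectory module and rights to modify the computer object.

```powershell
# Added example, not from the thread. Function names are hypothetical.
# Assumes the ActiveDirectory module and write access to the computer object.

# Decode a userAccountControl value into the flag names that matter here.
function Get-UacFlagName {
    param([Parameter(Mandatory)][int]$Value)
    $flags = [ordered]@{
        ACCOUNTDISABLE                 = 0x2
        WORKSTATION_TRUST_ACCOUNT      = 0x1000
        SERVER_TRUST_ACCOUNT           = 0x2000
        TRUSTED_FOR_DELEGATION         = 0x80000
        NOT_DELEGATED                  = 0x100000
        TRUSTED_TO_AUTH_FOR_DELEGATION = 0x1000000
    }
    $flags.GetEnumerator() | Where-Object { $Value -band $_.Value } |
        ForEach-Object { $_.Key }
}

# Run a script block with "trust for delegation to any service" enabled on one
# computer, then put the flag back even if the block throws.
function Invoke-WithTemporaryDelegation {
    param(
        [Parameter(Mandatory)][string]$ComputerName,
        [Parameter(Mandatory)][scriptblock]$ScriptBlock
    )
    $computer = Get-ADComputer $ComputerName -Properties TrustedForDelegation -ErrorAction Stop
    $before = $computer.TrustedForDelegation
    try {
        if (-not $before) {
            Set-ADComputer $ComputerName -TrustedForDelegation $true -ErrorAction Stop
        }
        & $ScriptBlock
    }
    finally {
        # Only undo what this function changed.
        if (-not $before) { Set-ADComputer $ComputerName -TrustedForDelegation $false }
    }
}

Get-UacFlagName 528384    # the value the VBScript in the thread writes

# host1 and \\srvr\share are the thread's names; $hostcreds as in the first post.
Invoke-WithTemporaryDelegation -ComputerName 'host1' -ScriptBlock {
    Invoke-Command -ComputerName 'host1' -Credential $hostcreds -ScriptBlock {
        Test-Path '\\srvr\share' -PathType Container
    }
}

# Check afterwards: computers still trusted for delegation to any service.
Get-ADComputer -Filter 'TrustedForDelegation -eq $true' | Select-Object Name
```

Domain controllers normally appear in the final listing; any other computer that shows up there is still set for delegation to any service.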

Thank you.

I often see script segments like the above when looking for solutions.  Is there any sort of reference to help in converting whatever that is to PowerShell?  Hate to have to post here each time I need something translated if I can learn to do it on my own.

 

September 8th, 2015 11:58am

What I posted IS PowerShell.

September 8th, 2015 12:04pm

I understand that what you posted IS PowerShell.  My request is some guidance on how I can learn to do those translations on my own instead of posting snippets here for translation.  I appreciate the fact that you did the translation for me, but I don't think you want to always be my translator.
September 8th, 2015 1:19pm

My request is some guidance on how I can learn to do those translations on my own instead of posting snippets here for translation.

Start by searching. For example:

http://www.google.com/search?&q=active+directory+computer+trust+for+delegation+powershell

Right on the first page of results is a link to the documentation for the Set-ADAccountControl cmdlet, which can do what you were looking for.

September 8th, 2015 2:15pm


I did not expect a magic box, but I did find this - https://technet.microsoft.com/en-us/library/ee221101.aspx - The VBScript-to-Windows PowerShell Conversion Guide.  At least it's a start.
September 10th, 2015 3:23pm

