Hi Readers,
Sharing a script that I have written recently for creating home folders, adding permissions & updating the Active Directory home folder path.
Download the zip file from the link below & extract the script files.
https://github.com/VikasSukhija/Downloads/blob/master/homedirectory.zip
Update the users.txt file with user logon names/samaccountnames
Update the variables in the script & run the batch file to execute.
###################Define Variables####
$NetPath = "\\labNas\users$"
$users = get-content .\users.txt
$dletter = "H:"
#######################################
This script creates a folder for each user at the location provided and sets it as the H: home drive in Active Directory.
If the fields are already populated, the script throws warnings that the value/folder already exists.
Please rate the contribution if it worked for you.
Download Quest Management Shell (it's a free shell): http://www.quest.com/powershell/activeroles-server.aspx
#########################################################################
# Author: Vikas Sukhija
# Description: Create Home folder
# date: 09/17/2014
#
#########################################################################
$date = get-date -format d
$time = get-date -format t
$month = get-date
$month1 = $month.month
$year1 = $month.year
# replace / by - (and strip : and spaces) so the values are usable in a file name
$date = $date.ToString().Replace("/", "-")
$time = $time.ToString().Replace(":", "-")
$time = $time.ToString().Replace(" ", "")
$logs = ".\" + "Powershell" + $date + "_" + $time + "_.txt"
start-transcript $logs

# Available FileSystemRights values:
# ListDirectory, ReadData, WriteData
# CreateFiles, CreateDirectories, AppendData
# ReadExtendedAttributes, WriteExtendedAttributes, Traverse
# ExecuteFile, DeleteSubdirectoriesAndFiles, ReadAttributes
# WriteAttributes, Write, Delete
# ReadPermissions, Read, ReadAndExecute
# Modify, ChangePermissions, TakeOwnership
# Synchronize, FullControl

# Load the Quest snap-in if it is not already loaded
If ((Get-PSSnapin | where {$_.Name -match "Quest.ActiveRoles.ADManagement"}) -eq $null)
{
    Add-PSSnapin Quest.ActiveRoles.ADManagement
}

###################Define Variables####
$NetPath = "\\labnas\users$"
$users = get-content .\users.txt
$dletter = "H:"
#######################################

$users | foreach-object {
    $qaduser = get-qaduser $_
    $userhomepath = $NetPath + "\" + $_

    if (-not (Test-Path $userhomepath))
    {
        # Folder does not exist: create it and grant the user Modify on it
        New-Item -Path $userhomepath -ItemType Directory
        Write-host "$userhomepath ------Created" -foregroundcolor Blue

        $acl = get-acl $userhomepath
        $inheritanceFlags = ([Security.AccessControl.InheritanceFlags]::ContainerInherit -bor `
            [Security.AccessControl.InheritanceFlags]::ObjectInherit)
        $propagationFlags = [Security.AccessControl.PropagationFlags]::None
        $permissions = $_,"Modify",$inheritanceFlags,$propagationFlags,"Allow"
        $access = New-Object system.security.accesscontrol.filesystemaccessrule($permissions)
        $acl.SetAccessRule($access)
        $acl | Set-Acl $userhomepath

        # Populate the AD attributes only when no home directory is set yet
        $homedir = $qaduser.HomeDirectory
        if ($homedir -like $null)
        {
            Get-QADUser $_ | Set-QADUser -ObjectAttributes @{HomeDirectory = $userhomepath}
            Get-QADUser $_ | Set-QADUser -ObjectAttributes @{HomeDrive = $dletter}
            $usr = Get-QADUser $_
            Write-host "Added Homedrive $($usr.HomeDrive) and Home directory $($usr.HomeDirectory)" -foregroundcolor Green
        }
        else
        {
            Write-host "$homedir already exists in AD for $_" -foregroundcolor yellow
        }
    }
    else
    {
        # Folder already exists: leave it and its ACL alone, only fill in empty AD attributes
        Write-Warning -Message "'$userhomepath' already exists."
        $homedir = $qaduser.HomeDirectory
        if ($qaduser.HomeDirectory -like $null)
        {
            Get-QADUser $_ | Set-QADUser -ObjectAttributes @{HomeDirectory = $userhomepath}
            Get-QADUser $_ | Set-QADUser -ObjectAttributes @{HomeDrive = $dletter}
            $usr = Get-QADUser $_
            Write-host "Added Homedrive $($usr.HomeDrive) and Home directory $($usr.HomeDirectory)" -foregroundcolor Green
        }
        else
        {
            Write-host "$homedir already exists in AD for $_" -foregroundcolor yellow
        }
    }
}

Stop-transcript
########################################################################
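The same procedure with the ActiveDirectory module (RSAT) instead of the Quest snap-in, as an added example that is not the author's script. It assumes the same $NetPath, users.txt and $dletter as above; the function name New-UserHomeFolder and the logon-name pattern are hypothetical choices, and the ACL entry is bound to the account's SID instead of the bare name read from the file.

```powershell
# Added example: ActiveDirectory-module variant (not the author's script).
# Assumes the RSAT ActiveDirectory module and the same share/users.txt layout.
Import-Module ActiveDirectory

$NetPath = '\\labnas\users$'
$dletter = 'H:'

function New-UserHomeFolder {   # hypothetical helper name
    param([string]$Sam, [string]$Root, [string]$Drive)

    # Names come from a text file: refuse anything that could alter the path.
    if ($Sam -notmatch '^[A-Za-z0-9][A-Za-z0-9._-]{0,19}$') {
        Write-Warning "Skipping invalid logon name '$Sam'"
        return
    }
    try {
        $user = Get-ADUser -Identity $Sam -Properties HomeDirectory, HomeDrive -ErrorAction Stop
    } catch {
        Write-Warning "No AD user '$Sam': $($_.Exception.Message)"
        return
    }

    $path = Join-Path $Root $Sam
    if (-not (Test-Path -LiteralPath $path)) {
        New-Item -Path $path -ItemType Directory | Out-Null
        # Modify, inherited by subfolders and files, granted to the user's SID
        $sid     = $user.SID
        $inherit = [Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
        $prop    = [Security.AccessControl.PropagationFlags]::None
        $rule    = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule `
                       -ArgumentList $sid, 'Modify', $inherit, $prop, 'Allow'
        $acl = Get-Acl -LiteralPath $path
        $acl.AddAccessRule($rule)
        Set-Acl -LiteralPath $path -AclObject $acl
    } else {
        Write-Warning "'$path' already exists; ACL left unchanged."
    }

    # Same rule as the original: only fill in AD when HomeDirectory is empty
    if ([string]::IsNullOrEmpty($user.HomeDirectory)) {
        Set-ADUser -Identity $user -HomeDirectory $path -HomeDrive $Drive
    } else {
        Write-Warning "$($user.HomeDirectory) already set in AD for $Sam"
    }
}

Get-Content .\users.txt | ForEach-Object { New-UserHomeFolder $_.Trim() $NetPath $dletter }
```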
Don't call this a PowerShell script if you can't run it without Quest.
If Quest is not there then the AD module or ADSI scripting will be needed, let me know how I can assist.
Instead of Quest, use the AD module and change to the corresponding commands in that module.
How do we modify the script to overwrite the current values for HomeDirectory and HomeDrive instead of displaying the “already exists” message?
Remove the condition that is checking ($qaduser.HomeDirectory -like $null) ($homedir -like $null)
I have already created something like that. Do you know how I can share all the users folders hidden? kinda \\srvname\drive\user$ thanks
Thanks
Hi, very useful code, Thanks. How can I add a user to the folder permissions with Full Control?
Hi, very useful code, Thanks. How can I add a user to the folder permissions with Full Control (add some code to yours)?
Check the line $permissions = $_,"Modify",$inheritanceFlags,$propagationFlags,"Allow"; you have to change that, but I think Modify permissions are better than giving Full, as then they will be able to alter the ACL.
Thanks a lot.