Thursday, October 9, 2014

PowerShell Creating a Home Folder for Users

Hi Readers,

Sharing a script that I have written recently for Creatiing Home folder, adding permissions & updating Active directory home folder path.

Download the zip file from below link & extract the script files.

https://gallery.technet.microsoft.com/scriptcenter/PowerShell-Creating-a-Home-c20fe6cb



Update the users.txt file with user logon names/samaccountnames

Update the variables in the script & run the batch file to execute.

###################Define Variables####
$NetPath = "\\labNas\users$"

$users = get-content .\users.txt

$dletter = "H:"
#######################################

This script will create folder names at the location provided, & connect as H: drive in active directory

if  fields are already populated than script will throw warnings that value/folder already exists.



Pls rate the contribution if it worked for you.

download Quest Management Shell (its a free shell) --> http://www.quest.com/powershell/activeroles-server.aspx


######################################################################### 
#        Author: Vikas SUkhija 
#               Description: Create Home folder 
#               date: 09/17/2014 
#                
######################################################################### 
 
$date = get-date -format d 
# replace \ by - 
$time = get-date -format t 
$month = get-date  
$month1 = $month.month 
$year1 = $month.year 
 
$date = $date.ToString().Replace(“/”, “-”) 
 
$time = $time.ToString().Replace(":""-"
$time = $time.ToString().Replace(" """
 
 
$logs = ".\" + "Powershell" + $date + "_" + $time + "_.txt" 
 
start-transcript $logs 
 
# ListDirectory, ReadData, WriteData  
# CreateFiles, CreateDirectories, AppendData  
# ReadExtendedAttributes, WriteExtendedAttributes, Traverse 
# ExecuteFile, DeleteSubdirectoriesAndFiles, ReadAttributes  
# WriteAttributes, Write, Delete  
# ReadPermissions, Read, ReadAndExecute  
# Modify, ChangePermissions, TakeOwnership 
# Synchronize, FullControl 
 
If ((Get-PSSnapin | where {$_.Name -match "Quest.ActiveRoles.ADManagement"}) -eq $null

    Add-PSSnapin Quest.ActiveRoles.ADManagement 

 
###################Define Variables#### 
 
$NetPath = "\\labnas\users$" 
$users = get-content .\users.txt 
$dletter = "H:" 
 
####################################### 
 
$users | foreach-object{ 
 
$qaduser = get-qaduser $_ 
 
$userhomepath = $NetPath + "\" + $_ 
 
    if(-not(Test-Path $userhomepath)) 
    { 
 
    New-Item -Path $userhomepath -ItemType Directory 
        Write-host "$userhomepath ------Created" -foregroundcolor Blue 
        $acl = get-acl $userhomepath 
 
    $inheritanceFlags = ([Security.AccessControl.InheritanceFlags]::ContainerInherit -bor ` 
                         [Security.AccessControl.InheritanceFlags]::ObjectInherit) 
    $propagationFlags = [Security.AccessControl.PropagationFlags]::None 
 
 
        $permissions = $_,"Modify",$inheritanceFlags,$propagationFlags,"Allow" 
        $access = New-Object  system.security.accesscontrol.filesystemaccessrule($permissions
    $acl.SetAccessRule($access
    $acl | Set-Acl $userhomepath  
        $homedir = $qaduser.HomeDirectory 
            if ($homedir -like $null
                   { 
                     
                   Get-QADUser $_ | Set-QADUser -ObjectAttributes @{HomeDirectory = $userhomepath
                   Get-QADUser $_ | Set-QADUser -ObjectAttributes @{HomeDrive = $dletter
                   $usr = Get-QADUser $_ 
 
                   Write-host "Added Homedrive "$usr.HomeDrive" and Home directory "$usr.HomeDirectory""  -foregroundcolor Green 
                   } 
                 else {Write-host "$homedir already exists in AD for $_" -foregroundcolor yellow} 
                  
        } 
        else 
        { 
 
    Write-Warning -Message "'$userhomepath' already exists." 
        $homedir = $qaduser.HomeDirectory 
                if ($qaduser.HomeDirectory -like $null
                   { 
                     
                   Get-QADUser $_ | Set-QADUser -ObjectAttributes @{HomeDirectory = $userhomepath
                   Get-QADUser $_ | Set-QADUser -ObjectAttributes @{HomeDrive = $dletter
                   $usr = Get-QADUser $_ 
 
                   Write-host "Added Homedrive "$usr.HomeDrive" and Home directory "$usr.HomeDirectory""  -foregroundcolor Green 
                   } 
                 else {Write-host "$homedir already exists in AD for $_" -foregroundcolor yellow} 
                  
 
       } 

 
 
Stop-transcript 
########################################################################



 Regards


Sukhija Vikas

http://msexchange.me

12 comments:

  1. Don't call this a powershell script if you can't run it without quest.

    ReplyDelete
  2. If quest is not there than AD module or AdSi scripting will be needed, let me know how can I assist..

    ReplyDelete
  3. Please explain how to do this without Quest

    ReplyDelete
  4. instead of quest use admodule and change to corresponding commands in that module.

    ReplyDelete
  5. How do we modify the script to overwrite the current values for HomeDirectory and HomeDrive instead of displaying the "already exists" message?

    ReplyDelete
  6. remove condition that is checking ($qaduser.HomeDirectory -like $null) ($homedir -like $null)

    ReplyDelete
  7. I have already created something like that. Do you know how I can share all the users folders hidden? kinda \\srvname\drive\user$ thanks

    ReplyDelete
  8. Hi, very useful code, Thanks. How can add user to Folfer Permission Full control?

    ReplyDelete
  9. Hi, very useful code, Thanks. How can add user to Folfer Permission Full control(add some code to yours)?

    ReplyDelete
  10. check the line $permissions = $_,"Modify",$inheritanceFlags,$propagationFlags,"Allow" , you have to change that but i think modify permissions as better than giving full as than they will be able to alter the ACL.

    ReplyDelete