Examples and Notes by Week

↑ Up to Parent directory
View MapHomeDirectories.ps1 code.	Open/Save MapHomeDirectories.ps1.
View RemoveHomeFolders.ps1 code.	Open/Save RemoveHomeFolders.ps1.

The code for MapHomeDirectories.ps1 is:
$DC1 = "mar" $DC2 = "test" $SRV = "jimmar19" $ADou = "OU=people" $fqdn = "\\$SRV.$DC1.$DC2" $drive = "C" $homefolder = "home" # Check if home directory folder exists on the server. # Needs $drive and $homefolder set above. if (-not (Test-Path -Path "$($drive):\$($homefolder)") ) { New-Item -Path "$($drive):\$($homefolder)" -ItemType Directory | Out-Null New-SmbShare -Path "$($drive):\$($homefolder)" -Name $homefolder | Out-Null Grant-SmbShareAccess -Name $homefolder -AccountName "Everyone" -AccessRight Full -Force | Out-Null } # Get all users from the OU. # $DC1, $DC2, and $ADou must be set above. $users = Get-ADUser -Filter * -SearchBase "$($ADou),dc=$($DC1),dc=$($DC2)" #$users #pause # Loop thru all users. foreach ( $user in $users ) { # All the variables must be set above. # Set the path to the user's home directory. $homeDirectory = "$fqdn\$homefolder\" + $user.SamAccountName; # Test if the user's home directory exists. if (-not (Test-Path -Path "$($drive):\$($homefolder)\$($user.SamAccountName)") ) { # The user's home directory oes not exist. # Create it. New-Item -Path "$($drive):\$($homefolder)\$($user.SamAccountName)" -ItemType Directory | Out-Null # Create a file in the user's home directory. $filename = "New home folder for user $($user.SamAccountName)" New-Item "$($drive):\$($homefolder)\$($user.SamAccountName)\$($filename)." | Out-Null # Get the Access Control List (acl) for the user's home directory. $acl = Get-Acl "$($drive):\$($homefolder)\$($user.SamAccountName)" # Set the owner to the user. $acl.SetOwner([System.Security.Principal.NTAccount] $($user.SamAccountName)) # Apply the new acl. Set-Acl "$($drive):\$($homefolder)\$($user.SamAccountName)" $acl # Give Administrator Full Control $permissions = "Administrator", 'FullControl', 'ContainerInherit,ObjectInherit', 'None', 'Allow' $rule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $permissions $acl.SetAccessRule($rule) # Give user Full Control $permissions = "$DC1.$DC2\$($user.SamAccountName)", 'FullControl', 'ContainerInherit,ObjectInherit', 'None', 'Allow' $rule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $permissions $acl.SetAccessRule($rule) # Apply the new acl. $acl | Set-Acl -Path "$($drive):\$($homefolder)\$($user.SamAccountName)" # Remove inheritence for other users. $acl.SetAccessRuleProtection($True, $False) # Apply the new acl. Set-Acl "$($drive):\$($homefolder)\$($user.SamAccountName)" $acl } # Finally, configure the H: drive mapping to the user's home directory. Set-ADUser -Identity $user.SamAccountName -HomeDirectory $homeDirectory -HomeDrive H: }