burn_888
asked on
Creating Mulitple Home Folders 2003 AD
This is what I think we need to do?
--------------------------
I would like to in affect create a 2nd home folder.
When we create a new user, we would like to automatically create a new folder within a share and apply appropriate permission to allow only that user access and map it to a drive letter.. (Just like their home folder).
Why I want to do it! Is there a better way?
--------------------------
I work at College with lots of students and we have just purchase a 2003 Storage Server.
We would like to allow students to save large files in their own directory. Without access to anyone else areas.
We cannot change their home directories, so would like to affectively create them a 2nd one.
We have a 2003 servers with XP workstation.
The process must be automatic.
Thanks in advance for the help
Rob
--------------------------
I would like to in affect create a 2nd home folder.
When we create a new user, we would like to automatically create a new folder within a share and apply appropriate permission to allow only that user access and map it to a drive letter.. (Just like their home folder).
Why I want to do it! Is there a better way?
--------------------------
I work at College with lots of students and we have just purchase a 2003 Storage Server.
We would like to allow students to save large files in their own directory. Without access to anyone else areas.
We cannot change their home directories, so would like to affectively create them a 2nd one.
We have a 2003 servers with XP workstation.
The process must be automatic.
Thanks in advance for the help
Rob
ASKER
Hi Jay
Their Home Folder is aready redirected to "My Documents" and we cannot change this for suppport reasons.
I thought it might be the case that we cannot have two home folders. However I want the affect of two home folders. I want to recreate what the home folder process does, creates folder and set permissions but for a 2nd folder. All this at user creation!
I assume that were into some scripting?
Thanks
Rob
Their Home Folder is aready redirected to "My Documents" and we cannot change this for suppport reasons.
I thought it might be the case that we cannot have two home folders. However I want the affect of two home folders. I want to recreate what the home folder process does, creates folder and set permissions but for a 2nd folder. All this at user creation!
I assume that were into some scripting?
Thanks
Rob
Winlogon service is responsible for creating user's home folder by executing function from UserEnv.dll and then searching for "All Users" and "Default User" directory in C:\Documents and Settings. Finally it copies the contents of these directory into a single directory for current user. This is how user's home folder is created at log on. This process is bit hard because a second user's home folder for same user is never created by Windows default services on same computer.
I can supply a script which creates a second home folder but only after current user has logged on to system successfully. You can execute this script via GPO and creating a second home folder for all users logging on to domain.
Let us know.
I can supply a script which creates a second home folder but only after current user has logged on to system successfully. You can execute this script via GPO and creating a second home folder for all users logging on to domain.
Let us know.
ASKER
Hi SP
The new folder would be created on a different server to that of a users current home folder (if it makes any difference) but within the same domain.
A script as you describe above would be fantastic!
Thanks
Rob
The new folder would be created on a different server to that of a users current home folder (if it makes any difference) but within the same domain.
A script as you describe above would be fantastic!
Thanks
Rob
Hmm seeing that you have support issues i guess SP's script will be the best way to go
Please confirm few things before I could supply one for you:
1. Script searches for a file called "HomeFolder.txt" on user computer - this is a base of script. If this file exists on local computer that means Second home folder is already created for this user.
2. If file doesn't exist it copies the contents of first home folder to second home folder on given server in the script.
3. User finishes his work and log off from computer.
4. A log off script runs and will copy only changed items to Second home folder on server so both the home folders are consistent.
Is that you want if I understood you properly?
1. Script searches for a file called "HomeFolder.txt" on user computer - this is a base of script. If this file exists on local computer that means Second home folder is already created for this user.
2. If file doesn't exist it copies the contents of first home folder to second home folder on given server in the script.
3. User finishes his work and log off from computer.
4. A log off script runs and will copy only changed items to Second home folder on server so both the home folders are consistent.
Is that you want if I understood you properly?
ASKER
Hi
Sorry I don’t think I’ve explained it correct so here more detail!
Current setup
-------------------
Each student has an N:\ Drive mapped to a share (Username$) on their “home server” – one of our domain controllers. This share sits within another share.(Studentwork$)
The “My Documents” folder is redirected to this share. This is their home folder (as configured on their user account).
The “My Documents” has NTFS Permissions set so that no other users can access this area. (except admins obviously)
We have roaming profiles and students log onto different machines each time. Students cannot work from local drives only from mapped network drives.
The server that hosts their “My Documents” (Network N:\) is running out of space so we purchased 2003 storage server.
Required Setup
------------------
We cannot redirect their “home folder” to our storage sever and need to create an additional mapped network drive to a second share e.g. username2$ on our 2003 storage server. The folder would need to have the appropriate permission set to allow only that student access. (and again domain admins)
The student’s two folders N:\ and J:\ would not need to be synchronized as we need them to provide additional storage. So they can store large multimedia files on their new J:\ (our storage server)
When we create a new user we would like the above to happen automatically either at creation or first log on etc.
Process required
- Create New Folder (username) on storage server within a share (Studentwork$)
- Share that folder (username2$) – Set Share Permissions – Everyone Full Control
- Set NTFS Permission
- The new share can then be mapped via logon script to J:\
The students would then have their home folder (My documents - N:\) and additional drive (J:\ for large files)
Hope I’ve not made things worse by going into to much detail!
Thanks for the Help
Rob
Sorry I don’t think I’ve explained it correct so here more detail!
Current setup
-------------------
Each student has an N:\ Drive mapped to a share (Username$) on their “home server” – one of our domain controllers. This share sits within another share.(Studentwork$)
The “My Documents” folder is redirected to this share. This is their home folder (as configured on their user account).
The “My Documents” has NTFS Permissions set so that no other users can access this area. (except admins obviously)
We have roaming profiles and students log onto different machines each time. Students cannot work from local drives only from mapped network drives.
The server that hosts their “My Documents” (Network N:\) is running out of space so we purchased 2003 storage server.
Required Setup
------------------
We cannot redirect their “home folder” to our storage sever and need to create an additional mapped network drive to a second share e.g. username2$ on our 2003 storage server. The folder would need to have the appropriate permission set to allow only that student access. (and again domain admins)
The student’s two folders N:\ and J:\ would not need to be synchronized as we need them to provide additional storage. So they can store large multimedia files on their new J:\ (our storage server)
When we create a new user we would like the above to happen automatically either at creation or first log on etc.
Process required
- Create New Folder (username) on storage server within a share (Studentwork$)
- Share that folder (username2$) – Set Share Permissions – Everyone Full Control
- Set NTFS Permission
- The new share can then be mapped via logon script to J:\
The students would then have their home folder (My documents - N:\) and additional drive (J:\ for large files)
Hope I’ve not made things worse by going into to much detail!
Thanks for the Help
Rob
Eh....
>>>Winlogon service is responsible for creating user's home folder by executing function from UserEnv.dll and then searching for "All Users" and "Default User" directory in C:\Documents and Settings.
My above explanation is incorrect. I was explaining how Winlogon Service creates a *USER PROFILE* using UserEnv.dll module. Sorry guys...I have no sleep since last two days.
Fair enough. your explanation is very useful. As simple as pie!. A variable (%USERNAME) will be used in script to create second home folder for currently logged on user, assign permissions on folder and finally map it to given drive letter.
Now you have two choices. I have two script to accomplish the above goal.
First Script -
-------------
Create two CMD files. First one creates empty second home folder on server. You run it manually from either DC or a member computer. Second one contains commands for assigning permissions and mapping second home folder. This one can be processed through GPO.
Steps for first script
-------------------------
1. Export a list of user accounts from AD.
2. Put them in a text file.
3. Run a script to create their second home folder on \\server_name\Studentworks
4. Assign permissions for current user (pick user name from text file) to \\server_name\Studenworks$
5. Finally create a simple batch file to map \\server_name\Studentworks
Second Script
-----------------
1. Create a script that automatically detects currently logged on user's name, creates second home folder, assign permissions and finally map the drive.
Which one you would like to go for?
I try to answer questions in one or two posts. I don't want to make thread too long for obvious reasons. Other experts have to go through each post to understand the comments posted.
SP
>>>Winlogon service is responsible for creating user's home folder by executing function from UserEnv.dll and then searching for "All Users" and "Default User" directory in C:\Documents and Settings.
My above explanation is incorrect. I was explaining how Winlogon Service creates a *USER PROFILE* using UserEnv.dll module. Sorry guys...I have no sleep since last two days.
Fair enough. your explanation is very useful. As simple as pie!. A variable (%USERNAME) will be used in script to create second home folder for currently logged on user, assign permissions on folder and finally map it to given drive letter.
Now you have two choices. I have two script to accomplish the above goal.
First Script -
-------------
Create two CMD files. First one creates empty second home folder on server. You run it manually from either DC or a member computer. Second one contains commands for assigning permissions and mapping second home folder. This one can be processed through GPO.
Steps for first script
-------------------------
1. Export a list of user accounts from AD.
2. Put them in a text file.
3. Run a script to create their second home folder on \\server_name\Studentworks
4. Assign permissions for current user (pick user name from text file) to \\server_name\Studenworks$
5. Finally create a simple batch file to map \\server_name\Studentworks
Second Script
-----------------
1. Create a script that automatically detects currently logged on user's name, creates second home folder, assign permissions and finally map the drive.
Which one you would like to go for?
I try to answer questions in one or two posts. I don't want to make thread too long for obvious reasons. Other experts have to go through each post to understand the comments posted.
SP
ASKER
Hi SP
The second script sounds perfect. (but dont let me keep you up : -) in your own time is cool)
Thanks
Rob
The second script sounds perfect. (but dont let me keep you up : -) in your own time is cool)
Thanks
Rob
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
We are running test on are test network to try and get it perfect. Will report back when we ar done.
Thanks
Rob
Thanks
Rob
burn_888 - can you report status of your test, assign points, and close the case?
why not have a home drive and then a policy which points the my documents folder to somewhere else
http://www.windowsnetworking.com/articles_tutorials/Profile-Folder-Redirection-Windows-Server-2003.html