Solved

Mass folder creation and permission set

Posted on 2008-10-06
6
369 Views
Last Modified: 2008-11-30
Ive got an OU with 100 students and I want to have a separate folder for each user with the following permissions
Teachers group= read/write/delete on all folders
Students= read/write/delete on their own folder only

Any ideas how I can scrip this otherwise its a lot of typing?

Many thanks
Andy
0
Comment
Question by:AndyinJapan
  • 4
  • 2
6 Comments
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 22655467
The following script must be run on the server.

Always run tests before implementing a script in production.
@echo off
 

Set ou1=TheOUWithYourStudents

Set dc1=domain

Set dc2=local

REM This assumes that all student folders are stored in X:\users - x:\users\jsmith, etc

Set PathToUsers=X:\Users
 

REM (NOTE this assumes your domain name is domain.local - DC1 is "domain" and DC2 is "local")
 

for /f "tokens=1 skip=2" %%a in ('dsquery * ou=%ou1%,dc=%dc1%,dc=%dc2% -attr SamAccountName') Do (

   If not exist "%pathtousers%\%%a" md "%pathtousers%\%%a"

   cacls "%pathtousers%\%%a" /t /c /g "teachers group":F %%a:f

   rem OPTIONAL: Share each user folder as hidden share with everyone granted access to the share

   rem NTFS permissions will enforce who is able to access the data.  

   rem If you don't want this, remove the NET SHARE line.

   net share %%a$="%pathtousers%\%%a"

)

Open in new window

0
 

Author Comment

by:AndyinJapan
ID: 22655653
Leew,

Hi there and thanks for your prompt reply!

Sorry, I sholuld have make it more clear but the folders are not made as I wanted to script that as well?

The actually path is OU=Y1,OU=Students,DC=bst,dc=local"
I would like the folders to be in H:\Students\Y6

Sorry......thanks again
Andy
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 22656628
Did you try modifying the script - you would set pathtousers=h:\students\y6 - the script I posted already created the folders if they don't exist.  The only other thing you would need to do is add the other OU line - i used variables, but you can just add it directly.
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 

Author Comment

by:AndyinJapan
ID: 22656802
Hi again,

thanks for you help on this....

Am getting the following error
Invalid Character
Line 1
Char 1

code: 800A0408

If I take the @echo off part out it then read a error at line 7 char 19

Odd.....

Hey, thanks again for your help on this one

Andy
0
 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 500 total points
ID: 22656809
please post a screen shot of the outcome.

By the way, this is NOT a vbs file - this is a batch file - a .cmd file.
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 23065659
Why the B Grade?
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
[b]Ok so now I will show you how to add a user name to the description at login. [/b] First connect to your DC (Domain Controller / Active Directory Server) SET PERMISSIONS FOR SCRIPT TO UPDATE COMPUTER DESCRIPTION TO USERNAME 1. Open Active …
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now