Tech or Treat! Write an article about your scariest tech disaster to win gadgets!Learn more

x
?
Solved

Mass folder creation and permission set

Posted on 2008-10-06
6
Medium Priority
?
380 Views
Last Modified: 2008-11-30
Ive got an OU with 100 students and I want to have a separate folder for each user with the following permissions
Teachers group= read/write/delete on all folders
Students= read/write/delete on their own folder only

Any ideas how I can scrip this otherwise its a lot of typing?

Many thanks
Andy
0
Comment
Question by:AndyinJapan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 22655467
The following script must be run on the server.

Always run tests before implementing a script in production.
@echo off
 
Set ou1=TheOUWithYourStudents
Set dc1=domain
Set dc2=local
REM This assumes that all student folders are stored in X:\users - x:\users\jsmith, etc
Set PathToUsers=X:\Users
 
REM (NOTE this assumes your domain name is domain.local - DC1 is "domain" and DC2 is "local")
 
for /f "tokens=1 skip=2" %%a in ('dsquery * ou=%ou1%,dc=%dc1%,dc=%dc2% -attr SamAccountName') Do (
   If not exist "%pathtousers%\%%a" md "%pathtousers%\%%a"
   cacls "%pathtousers%\%%a" /t /c /g "teachers group":F %%a:f
   rem OPTIONAL: Share each user folder as hidden share with everyone granted access to the share
   rem NTFS permissions will enforce who is able to access the data.  
   rem If you don't want this, remove the NET SHARE line.
   net share %%a$="%pathtousers%\%%a"
)

Open in new window

0
 

Author Comment

by:AndyinJapan
ID: 22655653
Leew,

Hi there and thanks for your prompt reply!

Sorry, I sholuld have make it more clear but the folders are not made as I wanted to script that as well?

The actually path is OU=Y1,OU=Students,DC=bst,dc=local"
I would like the folders to be in H:\Students\Y6

Sorry......thanks again
Andy
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 22656628
Did you try modifying the script - you would set pathtousers=h:\students\y6 - the script I posted already created the folders if they don't exist.  The only other thing you would need to do is add the other OU line - i used variables, but you can just add it directly.
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:AndyinJapan
ID: 22656802
Hi again,

thanks for you help on this....

Am getting the following error
Invalid Character
Line 1
Char 1

code: 800A0408

If I take the @echo off part out it then read a error at line 7 char 19

Odd.....

Hey, thanks again for your help on this one

Andy
0
 
LVL 96

Accepted Solution

by:
Lee W, MVP earned 1500 total points
ID: 22656809
please post a screen shot of the outcome.

By the way, this is NOT a vbs file - this is a batch file - a .cmd file.
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 23065659
Why the B Grade?
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

647 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question