Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Logon Script and Home Directory

Posted on 2009-04-17
6
Medium Priority
?
692 Views
Last Modified: 2012-05-06
We have a small windows network with 2 windows 2003 domain controllers, 40 XP clients. We also have EMC, NAS server for File storage. I need a login script that will:
1.      Assign a home folder to all users with "the user" having full control of its folder.
2.      Set the home drive letter to H
3.      Set the initial home folder \\nasserver\home$\home\%username%$

I also plan on adding this script to the group policy.

0
Comment
Question by:ida_exch
  • 2
  • 2
  • 2
6 Comments
 
LVL 15

Expert Comment

by:zelron22
ID: 24171102
Create your home$ share on the NAS, with the Home folder under it.  
Your best bet (for only 40 users) is to use AD Users and Computers, highlight all of the users you want to change, right click and get properties.

On the profile tab, click Connect, set the letter you want (H:), and then put the path in for the share followed by the %username% variable, i.e. \\nasserver\home$\home\%username%.

That should create the folder with appropriate rights (as long as the share was set to full control) and map the drive to the folder.

0
 

Author Comment

by:ida_exch
ID: 24171162
I was not clear. we have 40 XP client but 394 USER ACCOUNTS. These clients are shared in the organization. so AD Users and Computers, will not work for us. Also are going to link this script in GP
0
 
LVL 15

Expert Comment

by:zelron22
ID: 24171863
Hmm.  The thing with a logon script is that it's going to be run with the users permissions unless you set the credentials within the script, the users most likely won't (and certainly shouldn't) have the permissions necessary to create a share.  Once the share is created, you can insert the following into a login script: "net use h: \\nasserver\home$\home\%username% /home" and that will set home to the drive.  

Alternatively, assuming that you can find some significant attribute to query on, you could use dsget and dsmod to get and modify user accounts and set their profile path and home drive.  

You could use a script to modify existing users using dsget and dsmod (http://technet.microsoft.com/en-us/library/cc732954.aspx), and then another script to create the users (using dsadd), create the shares, and set the permissions.

The scripting guys have a script in their archive for creating a share, but you'll need something like SUBINACL to create the permissions, I believe.  

http://www.microsoft.com/technet/scriptcenter/resources/qanda/hsgarch.mspx  (the link to download the archive is near the bottom).

0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 24173012
As said, use dsquery/dsget/dsmod commands to bulk modify the users.
Copy the snippet below into *.cmd or *.bat file and modify the OU-path and DC-path to match your environment should do what you want.
@echo off
set HOMEPATH=\\nasserver\home$\home
for /F %%a in ('dsquery user "OU=OU-path,DC=domain,DC=com"^|dsget user -samid') do (
  if not exist %HOMEPATH%\%%a md %HOMEPATH%\%%a
  cacls %HOMEPATH%\%%a /E /T /C /G %USERDOMAIN%\%%a:F
  dsquery user -samid %%a | dsmod user -hmdir %HOMEPATH%\%%a -hmdrv H:
)

Open in new window

0
 

Author Comment

by:ida_exch
ID: 24308982
I have question:
-      I have 12 different OUs: Sales, Admin, IT, IS, Payroll, SED, etc& . How to I modify the
OU-path  for all my OUs in the script you provided?
0
 
LVL 31

Accepted Solution

by:
Henrik Johansson earned 1500 total points
ID: 24496826
If they're sub-OUs of the OU in the query, it will be handled.

If they're in parallell OUs, the simpliest way to modify the script would propably be to replace the OU-path string with %~1 and pass the OU-path as argument when executing script. %1 will also work, but it doesn't take care of "spaced arguments" when excluding '~'-character.

I see I missed the comment about having 394 users. If not using -limit parameter to dsquery, the command will only return the first 100 records in search result. Use -limit 0 for unlimited or -limit X to return X records.
@echo off
set HOMEPATH=\\nasserver\home$\home
for /F %%a in ('dsquery user -limit 0 %~1^|dsget user -samid') do (
  if not exist %HOMEPATH%\%%a md %HOMEPATH%\%%a
  cacls %HOMEPATH%\%%a /E /T /C /G %USERDOMAIN%\%%a:F
  dsquery user -samid %%a | dsmod user -hmdir %HOMEPATH%\%%a -hmdrv H:
)

Open in new window

0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question