Moving User's Home Directories

So I moved user's home directories to a new server.  Sounds simple enough, right?  The user directories are sitting on the new server needing permission granted to the user.  I thought I would be able to select multiple users in AD, change the home directory path with the %username% wildcard and be on my way.  Wrong!  Errors out saying folder already created.  Doesn't assign permissions.  To make matters worse, I think I've fallen into this trap before.  So I'm stuck doing it one by one waiting for permissions to assign to every file and folder a user has.

For future reference, is there anything I could have done differently?
Kram80Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bcdudleyCommented:
I use a bat file like this to set permissions:

cacls e:\home\ /t /g "domain admins":f
cacls e:\home\ /t /e /g "System":f 
cacls e:\home\ /t /e /g "Creator Owner":f 
For /d %%f IN (*) Do cacls %%f /t /e /g %%f:f

Open in new window


This will reset all permissions for full control for domain admins, then ad system and owner with full as well.
0
bcdudleyCommented:
For future reference, you an use Robocopy and copy the files with /copyall or /mir option.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Kram80Author Commented:
With those Robocopy options I'm guessing it copies over permissions too?
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

bcdudleyCommented:
Yes, The options are:

  /SEC :: copy files with SECurity (equivalent to /COPY:DATS).
  /COPYALL :: COPY ALL file info (equivalent to /COPY:DATSOU).
  /MIR :: MIRror a directory tree (equivalent to /E plus /PURGE).

The /SEC copies security settings, /Copyall makes an identical copy and /MIR will make an exact copy of the original directory, including deleting any files that do not exist from the source directory. Robocopy is a Microsoft program similiar to xcopy, but with lots more options. I use it for all my big copies now.
0
PanicXCommented:
Couldn't you also, on the new server, rename the folder holding the home directories, then in AD, use your %USERPROFILE% option, after completed, move the home directories to their new home?
0
bcdudleyCommented:
You would have to move them to a different drive on the server. From what I recall, If you copy files from the same drive, they will retain the permissions. When you move them to a different drive, the permissions reset to the parent directory. Either way could result in inconsistent or undesired permissions.

Using Robocopy is the safest way to maintain permissions. Using the cacls script I provided is the safest way to reset them.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.