
Query AD based on a users list, Create a folder in a Share based on usernames and set permissions

Islandr asked on
Tags: Programming, VB Script, Powershell
Hi Experts,

I pulled the following script from the script repository, but that is the closest that I can get to what I am looking for. What I would like to do is:

1. Query the AD based on a specific list of users (they just provided regular first names and last names, NOT usernames)
2. Pull those specific users from the AD and create folders for every user based on their usernames.
3. Set permissions (Full Admin rights) for every folder created.

Here is what I found that is close to what I am looking for. The following adds a home directory; I do not want HOME directories because I already have them. So, basically, it is:
Query AD based on a users list, Create a folder in a Share based on usernames and set permissions.


' Create HomeDir.vbs, 3:32 PM 1/4/2006
' File purpose: Add home directories for users on \\HOME\USER dfs share
'   Create File with list of users (userlist.txt)
'   Test if user account active
'   Test if Home directory exists
'   If home directory doesn't exist
'     Create Home Directory
'     Apply permissions using CACLS.EXE (v5.1.2600.0 or newer) may need to download from
'           (Microsoft or get from Windows 2003 Resource kit)
'     Set Home directory location in drive letter
'   Get next user until end of file (userlist.txt)
' To create "UserList.txt" file that the program reads execute the following command.
'   DSQUERY USER OU=IS,OU=PDX,DC=corp,DC=edu-resources,DC=com -LIMIT 0 >UserList.txt
' This creates a DN list with each user in quotes.
On Error Resume Next
Set objFSO = CreateObject("Scripting.FileSystemObject")
          'clear file for next report
Set RepFile = objFSO.OpenTextFile("HomeDirReport.txt", 2, True)
RepFile.Close

Const USER_ROOT_UNC = "\\pdx23\home"
Const USER_HOME_UNC = "\\Corp\Home"
Const Hide_window = 0            ' WshShell.Run window style: hidden
Const Wait_on_Return = True      ' WshShell.Run waits for Cacls to finish

Set objArgs = WScript.Arguments
Set objTextFile = objFSO.OpenTextFile("userlist.txt", 1)       '1 is for reading file only
Set WshShell = WScript.CreateObject("WScript.Shell")
        ' Read file line by line until end is reached
Do While objTextFile.AtEndOfStream <> True
  strNextLine = objTextFile.Readline
  wscript.echo strNextLine

          ' Check to see if user account is disabled
          ' Remove quotes from text file
  TrimUser = "LDAP://" & Replace(strNextLine, Chr(34), "")      ' Remove quotes to use GetObject
  Set objUser = GetObject(TrimUser)

  If objUser.AccountDisabled = False Then          ' True when Account Disabled is False
    WScript.Echo "The account is enabled."
    HomeDir = objUser.SamAccountName
    ' Use mailNickName or SamAccountName, logon name doesn't work

         ' Does Home directory exist?
    If objFSO.FolderExists(USER_ROOT_UNC & "\" & HomeDir) Then
           ' Do nothing, directory already exists.
    Else
         ' Create User directory on \\corp\home\....
        Set objFS = CreateObject("Scripting.FileSystemObject")
        Call objFS.CreateFolder(USER_HOME_UNC & "\" & HomeDir)    ' Create home directory

           ' Set NTFS permissions on Home directory, use external program xcacls
        Call SetUserDirPerm()

    End If
         'Folder and home entries completed
  Else
           ' The account is disabled.
  End If
Loop
         ' No more users in file
objTextFile.Close

'          ' Set NTFS permissions on Home directory, use external program xcacls
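Sub SetUserDirPerm()
   ' Quote the path so a folder name containing spaces reaches Cacls as one argument
   Call WshShell.Run("Cacls " & Chr(34) & USER_ROOT_UNC & "\" & HomeDir & Chr(34) & _
   " /E /G " & "CORP\" & HomeDir & ":C", Hide_window, Wait_on_Return)
End Sub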

'      Save user information to text file "HomeDirReport.txt"
Sub WrtToFile()
 Set RepFile = objFSO.OpenTextFile("HomeDirReport.txt", 8, True)
             ' Open file for appending, create if needed
 RepFile.WriteLine(objUser.SamAccountName & " Disabled:" & objUser.AccountDisabled & _
    " " & USER_HOME_UNC & "\" & HomeDir)
 RepFile.Close                ' Release the file handle after each write
End Sub
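
The three steps listed in the question, as an added PowerShell example that is not from the thread or its hidden answer. It assumes the ActiveDirectory module, a `names.txt` file with one "First Last" per line, and a placeholder share path; `ConvertTo-LdapLiteral` is a helper defined here, not a built-in cmdlet.

```powershell
#Requires -Modules ActiveDirectory
# Added example: names.txt and \\SERVER\Share are assumed placeholders, not values from the thread.
param(
    [string]$NameList  = '.\names.txt',     # one "First Last" per line (assumed format)
    [string]$ShareRoot = '\\SERVER\Share'   # placeholder UNC path of the target share
)

# Escape LDAP filter metacharacters (RFC 4515) so a supplied name cannot alter the query.
function ConvertTo-LdapLiteral([string]$Value) {
    $Value.Replace('\','\5c').Replace('*','\2a').Replace('(','\28').Replace(')','\29').Replace("`0",'\00')
}

foreach ($line in Get-Content -Path $NameList | Where-Object { $_.Trim() }) {
    # Split on the first run of whitespace only, so multi-word surnames stay intact.
    $first, $last = $line.Trim() -split '\s+', 2
    if (-not $last) { Write-Warning "Skipping '$line': need first and last name"; continue }

    $f = ConvertTo-LdapLiteral $first
    $l = ConvertTo-LdapLiteral $last
    $filter = "(&(objectCategory=person)(objectClass=user)(givenName=$f)(sn=$l))"
    $found = @(Get-ADUser -LDAPFilter $filter)

    # First/last name is not unique: never guess which account should own the folder.
    if ($found.Count -ne 1) {
        Write-Warning "Skipping '$line': $($found.Count) matching accounts"
        continue
    }
    $user = $found[0]
    if (-not $user.Enabled) {
        Write-Warning "Skipping disabled account $($user.SamAccountName)"
        continue
    }

    $path = Join-Path -Path $ShareRoot -ChildPath $user.SamAccountName
    if (-not (Test-Path -LiteralPath $path)) {
        New-Item -Path $path -ItemType Directory | Out-Null
    }

    # Grant FullControl to this one user, by SID, inherited by subfolders and files.
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $user.SID, 'FullControl', 'ContainerInherit,ObjectInherit', 'None', 'Allow')
    $acl = Get-Acl -LiteralPath $path
    $acl.AddAccessRule($rule)
    Set-Acl -LiteralPath $path -AclObject $acl
    Write-Output "$($user.SamAccountName): FullControl set on $path"
}
```

The rule is added on top of whatever the new folder inherits from the share root, so the root's own ACL still decides who else can read each user's folder.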

Chris Dent
PowerShell Developer