Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 131
  • Last Modified:

home drive migration

Dear Experts,

Could I please have the best method to migrate home folders based on my scenario

I have 2008 r2 file servers ( clustered)  with home drives on it.   number of users are over 1000.  

All users are mapped to their home folders via  Group policy ( 2008 r2)  as mapped drive. ( no scripting) This section only requires me to change its current location to new location  in Group policy after migration so users can have their home drives back hosted in new file server.

Question -  What is the best way of migrating home drives to new server please?  As size of the data TBs and also number of users are high, I am planning to use backup utility to restore home drives to new server on a daily basis and not happy to do all at one go.  is it something you guys tried?  Do I need to be concerned with anything here? Permissions, Folder name duplication?  Current home drive path is as follows;

H:\\Oldserver\users\home\firstname.surname

not every user owns their home folders.  It is very mixed. For home folder creation process, Service Desk only  locates the path and issue %username% in the end of the path where it says "firstname.surname"   and user's home folder gets created on the file server. Would it not be preferred to make users owner of their home drives?

Secondly. I need to change their home drive path in AD. do you have any proven and easy process for this too please?

thanks for your time and response.
0
kuzum
Asked:
kuzum
  • 9
  • 4
  • 3
2 Solutions
 
Benjamin VoglarIT ProCommented:
We did that a few years ago. The best method was backup/restore.

To change the home folder:

Get-ADUser -Filter * -SearchBase $targetou | Foreach-Object{

    $sam = $_.SamAccountName
    Set-ADuser -Identity $_ -HomeDrive "H:" -HomeDirectory "\\server\share\$sam"

Open in new window



https://social.technet.microsoft.com/Forums/scriptcenter/en-US/2bb716ed-d30d-4ca5-b38e-ea0894555fac/using-powershell-to-bulk-change-the-home-folder-path-of-ad-objects-username?forum=ITCG
0
 
kuzumAuthor Commented:
thanks for your prompt response Benjamin,  

any chance I can test this against number of users  first? I'd like to do a test on few users before I run your code against all users. I also wondering if you had any difficulties/issues with result?

thanks.
0
 
kuzumAuthor Commented:
Sorry, forgot to mention, I will have more than one home drive locations hence need to be able to run this against specify  users so that I can balance them equally if possible so I can't run it against all my users.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Benjamin VoglarIT ProCommented:
Yes, shure.


First make a test OU with test users and then define the variable:

$targetou = "OU=Users,OU=test,DC=yourdomain,DC=local"


You can run first:

Get-ADUser -Filter * -SearchBase $targetou

just to be shure that this are the correct users.
0
 
kuzumAuthor Commented:
thanks Benjamin, It seems I am doing something strange.  is there anything wrong with below line?

import-module Active Directory

Get-ADUser -Filter * -Searchbase $targetou = "ou=myou, ou=users,ou=test,DC=mydomain,DC=local"

error indicates that "searchbase" parameter can not be null.
0
 
Benjamin VoglarIT ProCommented:
$target = "ou=myou, ou=users,ou=test,DC=mydomain,DC=local"

Get-ADUser -Filter * -Searchbase $target


or

Get-ADUser -Filter * -Searchbase "ou=myou, ou=users,ou=test,DC=mydomain,DC=local"

Use "Windows Powershell ISE"
0
 
kuzumAuthor Commented:
Benjamin, I am not getting any luck with this I'm afraid.

error: Get-ADuser: the supplied distinguishedName must belong to one of the following partition(s) : .........

Could you test it from your end by any chance?

thanks
0
 
Dustin SaundersDirector of OperationsCommented:
Here is a script that can do the move, but keep permissions on the files.

You can set the old root path and the new root path, it will replace the path with the new one, create directories and set ACL on each, and move files and set ACL on each.  Errors and success will be logged  at the file listed.

I haven't thoroughly tested as I have a large workload, but this should be functional for you to test and see if it works.

$oldRootServerPath = "\\localhost\share\"
$newRootServerPath = "\\localhost\share2\"
$errorLog = "C:\Users\Administrator\Desktop\error.txt"
$copyLog = "C:\Users\Administrator\Desktop\copy.txt"
$sourceOU = "OU=TestCompany,OU=Clients,OU=zUsers,DC=Wizdev,DC=local"

function WriteError($message)
{
    $stamp = Get-Date
    $error = $stamp.ToString() + " -- " + $message
    Add-Content -Path $errorLog -Value $error
}

function WriteCopy($message)
{
    $stamp = Get-Date
    $msg = $stamp.ToString() + " -- " + $message
    Add-Content -Path $copyLog -Value $msg
}


function CopyHomeDirectory($source)
{
    $newRoot = $source -replace [regex]::Escape($oldRootServerPath),$newRootServerPath
    if (!(Test-Path $newRoot)) 
    {
        New-Item -ItemType Directory $newRoot
        $acl = Get-Acl $source
        Set-Acl -Path $newRoot -AclObject $acl
    }
    $folders = Get-ChildItem $source -Recurse | ?{$_.PSIsContainer}
    foreach ($folder in $folders)
    {
        try {
        $oldFolder = $folder.FullName
        $acl = Get-Acl $oldFolder
        $newFolder = $oldFolder -replace [regex]::Escape($oldRootServerPath),$newRootServerPath
        if (!(Test-Path $newFolder)) {
            New-Item -ItemType Directory $newFolder
            Set-Acl -Path $newFolder -AclObject $acl
            }
        }
        catch {
        $eMessage = "Could not copy folder " + $oldFolder
        WriteError($eMessage)
        $errors++
        }
    }

        $files = Get-ChildItem $source -Recurse | ?{!$_.PsIsContainer}
        foreach ($file in $files)
        {
            try {
            $oldFile = $file.FullName
            $acl = Get-Acl $oldFile
            $newFile = $oldFile -replace [regex]::Escape($oldRootServerPath),$newRootServerPath
            Copy-Item $oldFile -Destination $newFile
            Set-Acl -Path $newFile -AclObject $acl
            }
            catch {
            $eMessage = "Could not copy file " + $oldFile
            WriteError($eMessage)
            $errors++
            }
        }


}

$users = Get-ADUser -Filter * -SearchBase $sourceOU -Properties homeDirectory | ?{$_.homeDirectory} | select  sAMAccountName,homeDirectory

foreach ($user in $users)
{
    $errors = 0
    $path = $user.homeDirectory.ToString()
    CopyHomeDirectory($path)
    $copyMsg = "Copy completed for " + $path + " -- " + $errors + " errors occurred."
    WriteCopy($copyMsg)
    $newPath = $path -replace [regex]::Escape($oldRootServerPath),$newRootServerPath
    Set-AdUser -Identity $user.sAMAccountName -HomeDrive "H:" -HomeDirectory $newPath
}

Open in new window

0
 
kuzumAuthor Commented:
thanks Dustin and I appreciated your efforts and time. I test this and let you know.

Since I am moving home drives to new location by restoring home drives to new location,   I'd like to  keep the home drives in its old location for roll back plan if I need to revert back.

Could I please have something more simple?  I have a test OU with some test user accounts in it in AD.  I would like to test them and move 50 live users a day. So something to run against a OU?
0
 
Dustin SaundersDirector of OperationsCommented:
So you would like to move the files to verify permissions and that everything copied, but you don't want to change the homedrive path yet?  Is that correct?
0
 
kuzumAuthor Commented:
Hi Dustin,

I want to run the script against a test OU in AD which will have some test AD accounts

I want script to change users  home drive paths in AD  to a new location ( new file server will host home drives)

Actual move will be done by backup software. I will simply restore  home drives to new location and then use script against test OU to change users home drive paths to new location where home drives will be such as Mike. Tyson. So when Mike logs on to domain, his home folder will be now in new file server. Something like Benjamin's script which I could not get it working.

Alternatively, I would like to use your first solution( do the move)  but I need to run it against a test OU in AD first  and after a successful move, I will move live users to my test OU and run your code against it to make sure I am moving home folders like 100 a day.

I hope I am not confusing and wasting your time! thanks.
0
 
Dustin SaundersDirector of OperationsCommented:
Hmm, ok- try this.  It will change the home directory of the user to the new path + firstname.lastname in active directory.

$newPath is the new location root.
$sourceOU is the OU to run against.

$sourceOU = "OU=CompanyC,OU=Clients,OU=zUsers,DC=Wizdev,DC=local"
$newPath = "\\server\share\homedir\"

$users = Get-ADUser -Filter * -SearchBase $sourceOU -Properties homeDirectory,sn | ?{$_.homeDirectory} | select  sAMAccountName,homeDirectory,givenName,sn
foreach ($user in $users)
{
    $name = $user.givenName + "." + $user.sn
    $newHomePath = $newPath + $name
    Set-AdUser -Identity $user.sAMAccountName -HomeDrive "H:" -HomeDirectory $newHomePath -Whatif
}

Open in new window


Edit this line, remove -Whatif to actually make the change.  Otherwise the code will just show you what it would be applying.
Set-AdUser -Identity $user.sAMAccountName -HomeDrive "H:" -HomeDirectory $newHomePath -Whatif

Open in new window


The code above does the entire migration process (copy, set custom permissions, change home dir).
0
 
kuzumAuthor Commented:
I had this error. I think it is my source OU casuing trouble?

Get-ADUser : The supplied distinguishedName must belong to one of the following partition(s): 'CN=Configuration ....
 
Set-ADUser : Cannot validate argument on parameter 'Identity'. The argument is null. Supply a non-null argument and try the command again.
At line:15 char:25
+     Set-AdUser -Identity <<<<  $user.sAMAccountName -HomeDrive "H:" -HomeDirectory $newHomePath -Whatif
    + CategoryInfo          : InvalidData: (:) [Set-ADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.SetADUser
0
 
Dustin SaundersDirector of OperationsCommented:
Potentially, can you paste the source OU you're using?
0
 
kuzumAuthor Commented:
ok, I got this working as follows;

"
import-module activedirectory

$targetou= "OU=Test,OU=Users,OU=myOU,DC=myOU,DC=mydc,DC=local"
Get-ADUser -Filter * -SearchBase $targetou | Foreach-Object{
$sam = $_.SamAccountName
    Set-ADuser -Identity $_ -HomeDrive "Y:" -HomeDirectory "\\server\share\HOME\$sam"
    }
"

I am trying to get this working slightly different and get user list from csv file instead and change their home drive path in AD. Could you please help me with below code? as expected, it is not working. Could you please modify this or give another one that you used?

$UserList = Import-Csv -Path C:\mydata\userlist.csv

foreach ($User in $UserList) {
 
$Account = Get-ADUser -LDAPFilter ('(displayname={0})'-f. $User.DisplayName);
 $HomeDirectory = '\\server\share\HOME'+-f $Account.SamAccountName;
   Set-ADuser -Identity $Account.SamAccountName -HomeDirectory $HomeDirectory  -HomeDrive -Y;
    }
0
 
kuzumAuthor Commented:
both solutions worked and I used both based on my needs.
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

  • 9
  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now