3

I know if we setup a base folder or a profile path in the Profile tab of an AD user, we can copy it and the folder creation and permission setup will be automated.

My problem is that not all my users have a roaming profile and the home folder linking is done thru GPO. When I copy from these users, the home folder isn't created automatically and I have to create it manually and change permission and ownership on that folder, located on the fileserver.

What should I do? A script may be nice but it'd have to be run everytime a new user is created and I don't think we can link a script to an AD user creation? I'd like to avoid any manual steps and keep my GPO that way. Using a W2008r2 DC on w7 client boxes.

Thanks.

vn.
  • 375
  • 2
  • 10
  • 2
    On the idea of a script, you can always write a script that both creates a new user and does the other stuff, rather than running a script to do the other stuff after manually creating a user. – HopelessN00b Jun 21 '12 at 21:50

1 Answers1

1

You should automate the whole user account creation process.

You can use new-aduser in PowerShell which is part of the RSAT command-line tools to create user accounts, then you can use new-item to make the folder and get-acl and set-acl to modify the permissions on the new folder.

Sometimes the PowerShell ACL commands are a bit clunky. You could also call icacls.exe from your script if that's easier for you.

MDMarra
  • 100,183
  • 32
  • 195
  • 326