So I thought to write a script that can ease system administrators job.
The beauty of this script is that it creates user folders in its respective OU name directory and assign them Read and Change share permissions. It also assigns "Domain Admins" a Full Control permission.
The only thing that you require is Administrators rights and you need to set two variables (SrvName, SrvDir) inside this script. Set SrvDir variable name with the Server name that holds users home drive share and set SrvDir with the actual path where these folder are to you created.
Following script requires RMTShare.exe program that Microsoft has placed on their FTP site at [ftp://ftp.microsoft.com/bussys/winnt/winnt-public/reskit/nt40/i386/RMTSHAR.EXE]
After downloading RMTSHAR.EXE, double-click it to extract the Readme.txt and Rmtshare.exe files.
Copy Rmtshare.exe to a folder where you save this script.
So here you go....
:: SCRIPT START ::
@ECHO OFF
SETLOCAL ENABLEDELAYEDEXPANSION
::User Editable Variables - START
SET SrvName=\\JPAKK15
SET SrvDir=G:\USERS
:: User Editable Variables - END
SET _SrvPath=%SrvName%\%SrvDir::=$%
PING -n 3 -w 1000 %SrvName:\=% |FIND /I "TTL" >NUL
IF ERRORLEVEL 1 ECHO ERROR: Invalid server name or server unreachable. &GOTO :EXITScript
IF NOT EXIST "%_SrvPath%" ECHO Invalid server path or insufficient rights. &GOTO :EXITScript
FOR /F "delims=" %%u IN ('DSQuery * -Filter "(sAMAccountType=805306368)" -Attr samAccountName -l -limit 0') DO (
FOR /F "delims=, tokens=2" %%v IN ('DSQuery * -Filter "(sAMAccountName=%%u)" -Attr distinguishedName -l -limit 0') DO (
SET _vTmp=%%v
SET _OUName=!_vTmp:~3!)
IF NOT EXIST "!_SrvPath!\!_OUName!" MKDIR "!_SrvPath!\!_OUName!"
IF NOT EXIST "!_SrvPath!\!_OUName!\%%u" (
ECHO Processing: %%u
MKDIR "!_SrvPath!\!_OUName!\%%u"
RMTShare !SrvName!\"%%u"="!SrvDir!\!_OUName!\%%u" /REMOVE Everyone /GRANT "Domain Admins":F /GRANT %%u:C /REMARK:"User Drive" >NUL))
:EXITScript
PAUSE
EXIT /B 0
:: SCRIPT END ::
No comments:
Post a Comment