Hack 33 Script Creation of a User's Home Directory and Permissions
Configuring home directories for users is a slow process using the GUI. Here's a script that does it faster.
Ever wish you could create a user and her home directory and set the necessary permissions on that directory all in one script? Here is a sample script that shows you how to accomplish this. If you know some VBScript, you can easily customize it further to meet your needs.
This script creates a user, adds additional properties such as telephone number and title, sets the password, and enables the user's account. Then the script creates the user's home folder and sets the Administrators group to have Full Control permission on the folder and the user's account to have Change permission on the folder. This script can easily be modified to set the permissions to fit the requirements of any environment. All you have to do is review the command-line switches for the cacls command and make the appropriate changes in the script.
The Code
To use this script, type it into Notepad (with Word Wrap disabled) and save it with a .vbs extension as CreateUserHomeDirectory.vbs.
Option Explicit
Const WAIT_ON_RETURN = True
Const HIDE_WINDOW = 0
Const USER_ROOT_UNC = "\\dc1\users" 'Set Home Folder Location Here
Dim WshShell, WshNetwork, objFS, objServer, objShare
Set WshShell = Wscript.CreateObject("Wscript.Shell")
Set WshNetwork = WScript.CreateObject("WScript.Network")
Set objFS = CreateObject("Scripting.FileSystemObject")
Set ou = GetObject("LDAP://OU=Users,OU=Billing,OU=Network,DC=my,DC=domain,DC=com")
'Create the User
Set usr = ou.Create("user", "CN=James Smith")
usr.Put "samAccountName", "jsmith"
usr.Put "sn", "Smith"
usr.Put "givenName", "James"
usr.Put "userPrincipalName", "jsmith@my.domain.com"
usr.Put "telephoneNumber", "(555) 555 0111"
usr.Put "title", "Network Billing Dept"
usr.SetInfo
'Now that the user is created, reset their password and enable the account.
usr.SetPassword "secret***!"
usr.AccountDisabled = False
usr.SetInfo
'Now create the User's Home Folder and set permissions.
strUser = usr.samAccountName
Call objFS.CreateFolder(USER_ROOT_UNC & "\" & strUser)
Call WshShell.Run("cacls " & USER_ROOT_UNC & "\" & strUser & _
" /e /g Administrators:F", HIDE_WINDOW, WAIT_ON_RETURN)
Call WshShell.Run("cacls " & USER_ROOT_UNC & "\" & strUser & _
" /e /g " & strUser & ":C", HIDE_WINDOW, WAIT_ON_RETURN)
Running the Hack
To run the script, modify the following line to set the home folder location:
Const USER_ROOT_UNC = "\\dc1\users" 'Set Home Folder Location Here
Then modify the following line to specify the organizational unit (OU) in which you want to create the user:
Set ou = GetObject("LDAP://OU=Users,OU=Billing,OU=Network,DC=my,DC=domain,DC=com")
Finally, modify the following lines to specify the personal information for the user, as desired:
Set usr = ou.Create("user", "CN=James Smith")
usr.Put "samAccountName", "jsmith"
usr.Put "sn", "Smith"
usr.Put "givenName", "James"
usr.Put "userPrincipalName", "jsmith@my.domain.com"
usr.Put "telephoneNumber", "(555) 555 0111"
usr.Put "title", "Network Billing Dept"
Hans Schefske
