Script Help: Add home Directory permissions for new domain account.
-
Saturday, February 02, 2013 9:43 PM
I have an input file called UserList.csv with two columns, one column has users in domain A and second column for domain b.
These two domains have a trust and I'm taking accounts in domain A and the corresponding accounts in domain B and assigning rights to some home directories so when the users flip over to the new domain they can grab their files. Hope that all makes sense here's the script.
#Load AD Module
#users from the text file are in $User.DA and $User.DB format
Import-Module ActiveDirectory
$Users = Import-CSV "C:\Users.csv"
% ($User in $Users)
{
$Homedir = (Get-ADUser -Identity "$Users.DA" -Property "*" | Select-Object -Property homedirectory)
$acl = Get-ACL -Path "$homedir"
$permission = "$Users.DB", "fullcontrol","containerinherit","objectinherit","none","allow"
$accessrule = new-object system.security.accesscontrol.filesystemaccessrule $permission
$acl setaccessrule($accessrule)
$acl \ Set-ACL $homedir
}
- Edited by Jadams6 Sunday, February 03, 2013 12:17 AM Wouldn't let me earlier
All Replies
-
Saturday, February 02, 2013 10:19 PM
I am going to start with one of my pet peaves here.
Don't take this as criticism but can you please go back and make your topic your question. Just saing "help" does not provide any infomation for others who may be searching for answers tot the same issue as you.
Thankyou.
You might call your topic. "How do I move user rights form one domainh to another?" Or somethng similar.
¯\_(ツ)_/¯
-
Saturday, February 02, 2013 10:20 PM
You said:
These two domains have a trust and I'm taking accounts in domain A and the corresponding accounts in domain B and assigning rights to some home directories so when the users flip over to the new domain they can grab their files. Hope that all makes sense here's the script.
What is your question?
¯\_(ツ)_/¯
-
Saturday, February 02, 2013 10:24 PM
These two lines are wong = syntax and no comamnd like that.
$acl setaccessrule($accessrule)
$acl \ Set-ACL $homedir¯\_(ツ)_/¯
-
Saturday, February 02, 2013 10:36 PM
This is closer:
if($homedir=(Get-ADUser -Identity $Users.DA -Property homedirectory).homedirectory){ $acl = Get-Acl -Path $homedir $ace=new-object System.Security.AccessControl.FileSystemAccessRule($Users.DB,'fullcontrol','allow') $acl.SetAccessRule($ace) Set-Acl $homedir $acl }else{ Write-Host 'No diredctory found for user' -ForegroundColor red }¯\_(ツ)_/¯
- Marked As Answer by Jadams6 Sunday, February 03, 2013 11:16 PM
-
Sunday, February 03, 2013 11:15 PM
Thanks for the help. I changed the title, when I entered the post I immediately tried to fix the title before anyone responded, however there seems to be a waiting period before a post can be edited.
The script you provided worked with only minor changes. Thanks again for the assistance. Can you recommend a good book for powershell scripting. Usually I knock out scripts in a day with minimal assistance but I got pretty stumped on this one.
Jose Adams
-
Monday, February 04, 2013 12:14 AM
If you are comfortable with PowerShell try Payettes book.
It is older but has more of the nuts and bolts at a lower level than many books.
I also recommend spenfing time with the Net framework and WIndows Internals. It will help you decode how to use Net and how PowerSHell wraps the system.
¯\_(ツ)_/¯
.png)
