locked
Convert to PowerShell script RRS feed

  • Question

  • Hy guys! I have one server mounted on 2003Server, that we migrating to 2008R2. And to create users, we use a script (in bat) like this:

    rem create the users folder

    md d:\usuarios\user

    rem create the perfil folder

    md d:\profiles\user

    rem copy folder with patterns do folderuser

    xcopy /E x:\usuarios\Padrao d:\usuarios\user

    rem Cria o share do usuario e permissao do share
    net share user$=x:\usuarios\fsdiniz /GRANT:"Domain Users",CHANGE /GRANT:"Domain Admins",FULL

    rem create user
    net user user password /DOMAIN /ADD /ACTIVE:YES /EXPIRES:NEVER /FULLNAME:"Full name user" /PROFILEPATH:\\SRV\profiles$\user /SCRIPTPATH:script.bat

    rem permissions to folder users

    CACLS \\srv\d$\usuarios\user /T /E /R "Domain Users":R
    CACLS \\srv\d$\usuarios\user /T /E /C /P user:C
    CACLS \\srv\d$\usuarios\user/T /E /C /P "Domain Admins":F
    CACLS \\srv\d$\usuarios\user /T /E /C /P "SYSTEM":F
    CACLS \\srv\d$\usuarios\user /T /E /C /P "Backup Operators":C
    CACLS \\srv\d$\usuarios\user /T /E /C /P "Administrators":F

    rem permissions to profile folder users
    CACLS \\srv\profiles$\user /T /E /R "Domain Users":C
    CACLS \\srv\profiles$\user /T /E /C /P user:R
    CACLS \\srv\profiles$\user /T /E /C /P "Domain Admins":F
    CACLS \\srv\profiles$\user /T /E /C /P "SYSTEM":F
    CACLS \\srv\profiles$\user/T /E /C /P "Backup Operators":C
    CACLS \\srv\profiles$\user /T /E /C /P "Administrators":F

    The parts with "CACLS" how can I use with powershell commands? And more: how can set this permissions on AD, in profile tab?

    Thank´s a lot.

    Wednesday, January 2, 2013 12:12 PM

Answers

  • It isnever necessary to create these folders.  WIndows will create them automatically when the user profile is set as a roamed profile.  All folders that can be redirected should be redirected..

    It is strange how someone thought they had to do this manually in the first place.

    Create the uer and set the profiles path.  The folders will be created when you set the path using the Profile Tab.  All permissions will be set correctly.


    Happy New Year ¯\_(ツ)_/¯

    • Marked as answer by Bill_Stewart Tuesday, January 22, 2013 9:17 PM
    Wednesday, January 2, 2013 4:43 PM

All replies

  • You can continue to run this script from within PowerShell. If it works, why change it?

    And what does

    how can set this permissions on AD, in profile tab?

    mean?

    Bill

    Wednesday, January 2, 2013 3:41 PM
  • It isnever necessary to create these folders.  WIndows will create them automatically when the user profile is set as a roamed profile.  All folders that can be redirected should be redirected..

    It is strange how someone thought they had to do this manually in the first place.

    Create the uer and set the profiles path.  The folders will be created when you set the path using the Profile Tab.  All permissions will be set correctly.


    Happy New Year ¯\_(ツ)_/¯

    • Marked as answer by Bill_Stewart Tuesday, January 22, 2013 9:17 PM
    Wednesday, January 2, 2013 4:43 PM
  • perhaps they want to switch to powershell to avoid having to edit the existing file to change all instances of "user" to the actual name of the user account (well, not *all* instances), and "Full name user" to the actual user's actual full name. If so, they should consider adding the following two commands to the start of their batch script:

       (set/p user=enter account name of he new user: )

       (set/p full=enter full name of he new user: )

    and then change all appropriate instances of "user" in the script to "%user%", and change the NET USER command to:

       net user %user% password /DOMAIN /ADD /ACTIVE:YES /EXPIRES:NEVER /FULLNAME:%full% /PROFILEPATH:\\SRV\profiles$\%user% /SCRIPTPATH:script.bat

    If they actually do have a reason to convert to powershell they will find that setting the permissions will be the trickiest part, but that the rest should be done using the AD cmdlets instead of the NET command.


    Al Dunbar -- remember to 'mark or propose as answer' or 'vote as helpful' as appropriate.

    Wednesday, January 2, 2013 4:43 PM