Last active
April 22, 2016 13:44
-
-
Save micmaher/b049bd9f56e0fbfb1167 to your computer and use it in GitHub Desktop.
PowerShell Script - Enables user account, creates home drive, creates DFS link, sets permissions on home drive, sets 2GB quota
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Requires RunAsAdministrator | |
<###################################################################################### | |
.AUTHOR | |
Michael Maher | |
.DATE | |
08/01/16 | |
.NOTE | |
Expects CSV in format of username, new password, old username | |
Enables user account, creates home drive | |
.EXAMPLE CSV | |
samAccountName,password | |
MMAHER, MyPa$$word | |
#######################################################################################> | |
#region Variables | |
$inputFile = "C:\scripts\users.csv" | |
$remoteServer = "HomeDirServer1" | |
$domain = "contoso.com" | |
$homeShare = "Home" | |
$ShareDrive = "E" | |
$Right="FullControl" | |
$absolutePath = "$($shareDrive):\homedrives" | |
$hiddenShare = "homeDrives$($shareDrive)$" | |
#endregion | |
import-module activeDirectory | |
#region Create Users | |
$colUsers = Import-Csv $inputFile -UseCulture | |
foreach ($user in $colUsers) | |
{ | |
if ($user){ | |
$strUsername = $user.samaccountname | |
Write-Verbose "Working on $strUsername" | |
Try{ | |
Enable-ADAccount -Identity $user.samAccountname | |
Write-Verbose "Enabled $strUsername" | |
} | |
Catch{Write-Verbose $error[0].ToString() + $error[0].InvocationInfo.PositionMessage} | |
Try{ | |
Set-ADAccountPassword -Identity $user.samAccountname -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $user.password -Force) | |
Write-Verbose "Reset password for $strUsername" | |
} | |
Catch{Write-Verbose $error[0].ToString() + $error[0].InvocationInfo.PositionMessage} | |
Try{ | |
Invoke-Command -computername $remoteServer {New-Item -path $args[0] -type directory} -Args "$($absolutePath)\$($user.samaccountname)" | |
Write-Verbose "Created directory $($absolutePath)\$($user.samaccountname)" | |
} | |
Catch{Write-Verbose $error[0].ToString() + $error[0].InvocationInfo.PositionMessage} | |
Try{ | |
$rule=new-object System.Security.AccessControl.FileSystemAccessRule($user.samaccountname, $Right, "ContainerInherit, ObjectInherit", "None", "Allow") | |
$acl=get-acl "\\$($remoteServer)\$($hiddenShare)\$($user.samaccountname)" | |
$acl.SetAccessRule($rule) | |
set-acl "\\$($remoteServer)\$($hiddenShare)\$($user.samaccountname)" $acl | |
Write-Verbose "Set ACLs on Home Directory" | |
} | |
Catch{Write-Verbose $error[0].ToString() + $error[0].InvocationInfo.PositionMessage} | |
Try{ | |
Write-Verbose "Created DFS Link for Home Directory" | |
Invoke-Command -computername $remoteServer {New-DfsnFolder -path $args[0] -targetpath $args[1]} -Args "\\$($domain)\$($homeShare)\$($user.samaccountname)", "\\$($remoteServer)\$($hiddenShare)\$($user.samaccountname)" | |
} | |
Catch{Write-Verbose $error[0].ToString() + $error[0].InvocationInfo.PositionMessage} | |
Try{ | |
Set-ADUser -Identity $user.samAccountname -HomeDrive "H:" -HomeDirectory "\\$($domain)\$($homeShare)\$($user.samaccountname)" | |
Write-Verbose "Set Home Directory mapping" | |
} | |
Catch{Write-Verbose $error[0].ToString() + $error[0].InvocationInfo.PositionMessage} | |
Try{ | |
Invoke-Command -computername $remoteServer {New-FsrmQuota -Path $args[0] -Template "2GB HomeDir Limit"} -Args "$($absolutePath)\$($user.samaccountname)" | |
Write-Verbose "Set 2GB Quota for Home Directory" | |
} | |
Catch{Write-Verbose $error[0].ToString() + $error[0].InvocationInfo.PositionMessage} | |
} | |
} | |
#endregion |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment