With the following script I will do 3 things:
1. Set the user his home folder with drive letter
2. Create a folder on your home folders file share
3. Giving users full control on there folder.
The Script:
Get-ADUser -Filter * -SearchBase “OU=wardusers,DC=wardvissers,DC=local” | Foreach-Object {
$sam = $_.SamAccountName
$sid = $_.Sid
$HomeDrive=’J:’
$Domain=wardvissers.local’
$UserRoot=’\\wardvissers.local\dfs\home\’
$HomeDir=$UserRoot+$sam
# Assign the Drive letter and Home Drive for the user in Active Directory
SET-ADUSER $sam –HomeDrive $HomeDrive –HomeDirectory $HomeDir
# Create the folder on the root of the common Users Share
NEW-ITEM –path $HomeDir -type directory -force
$account=$Domain+’\’+$Accountname
# Set parameters for Access rule
$rights=[System.Security.AccessControl.FileSystemRights]::FullControl
$inheritance=[System.Security.AccessControl.InheritanceFlags]”ContainerInherit,ObjectInherit”
$propagation=[System.Security.AccessControl.PropagationFlags]::None
$allowdeny=[System.Security.AccessControl.AccessControlType]::Allow
$dirACE=New-Object System.Security.AccessControl.FileSystemAccessRule ($sid,$rights,$inheritance,$propagation,$allowdeny)
$dirACL=Get-Acl $HomeDir
$dirACL.AddAccessRule($dirACE)
Set-Acl -path $HomeDir -AclObject $dirACL
Write-Host $HomeDir access rights assigned
}