0 votes

Hi,

I need a script that will retrospectively create a sub-folder on file server's shared folder with following permissions:

  • employee
  • his/hers manager (taken from AD)
  • specific security group(s)
  • usual SYSTEM and local server Administrators security group as well, so that we have access for backups etc purposes. We can set a inheritable permissions for them (system etc) on top share level, but would be interested in confirming that internally in script as well.

There will be a shared folder with access-based enumeration enabledavailable to create them in. We'll get circa 200+ usernames we'll need to create and permission individual folder for, but then we will also need to incorporate similar script into normal AD user creation for future users and possibly for more pre-existing users that don't have them.

Thanks for any feedback.

by (70 points)

1 Answer

0 votes
by (11.0k points)

Hello,

In Adaxes there is no built-in functionality to manage shared folder permissions. However, it can be done using PowerShell scripts. If you need to create a shared folder and set it as users home directory, you can use the Create a home directory action. The required folder permissions can be granted using a PowerShell script. For example, the below script from our repository can be modified to meet your needs: https://www.adaxes.com/script-repository/grant-access-to-user-s-home-folder-s15.htm. To create folders for existing users you can use a Scheduled Task configured for the User object type. To create folders for new users a Business Rule triggering After creating a user can be used. Should you have any issues modifying the script to meet your needs, we will help you.

0

Hi,

It would be additional completely independent from profile and/or 'redirected folders' subfolder created on separate file server. Will look into modifying this script, but actual actions are 'pretty simple' :

  • get a %username% from a csv file
  • look up %manager% for that username
  • create folder called %username% inside 'specified share path'
  • set NTFS permision to 'Modify' for username, manager, 'specified security group' and 'Full Access for Domain Admins and local Administrators,

Furthermore I will amend script to be an action in 'After creating a user' task and as an selectable action for existing individual user.

Related questions

0 votes
1 answer

We have the following script we need fixed to run within Adaxes to add true/false value to a customattribute for use in building dynamic distribution lists. $users = ... } else { Set-Mailbox -Identity $user.Name -CustomAttribute8 "Individual contributor" } }

asked Jul 13, 2022 by willy-wally (3.2k points)
0 votes
1 answer

We have our user folders set up in an "odd" way - everyone's main user drive is open to everyone, with the exception of a Private subfolder. Right now I'm using a ... .Run(WRITER, 0, TRUE) Set Writer = nothing Set FILESYS = nothing Set WSHShell = nothing

asked Jun 12, 2013 by danftasc (440 points)
0 votes
1 answer

How would a script be written that accomplishes the following task? In this scenario, UserA would be selected with the Modify user action, then UserB would be input to ... rule that runs the script to allow reviewer permissions on UserA's calendar for UserB

asked Dec 6, 2012 by mdeflice (350 points)
0 votes
1 answer

I'm looking to audit file Share permissions, in order to find out what groups and individuals have access to what files and folders, whether those permissions are inherited or assigned, etc. Wondering if Adaxes can do this. Thanks in advance,

asked Mar 15, 2022 by sysdadmin (20 points)
0 votes
1 answer

Hello, New to this program and we are setting it up now. I wanted to know if there is a least permissions setup for the Service account. I dont want to have an account that ... that can still be a service account for Adaxes and manage limited OU's in my AD.

asked Mar 18, 2022 by LEGIT1 (150 points)
3,326 questions
3,025 answers
7,724 comments
544,675 users