View RSS Feed

Duke5A

VB script for creating student drop boxes

Rate this Entry
by , 7th August 2012 at 07:24 PM (6966 Views)
A lot of our staff use drop boxes pretty heavily for student assignments. A drop box is pretty much a share that looks somewhat like this:

Code:
-Building 01
   -Staff Member A
     +Drop Off
     +Pickup
  +Staff Member B
  +Staff Member C
  +Staff Member D
+Building 02
Every staff member of a particular building (or group) will have a folder on a share named by their last name, and under said staff name will be two addition folders. One for students to pickup assignments, and the other for them to drop off, or turn finished assignments in. To keep the folder structure intact and to keep students from sharing their assignments with others, file level permissions are set. This is where this gets a bit goofy...

For this to work correctly, you're going to need two security groups: one for building level staff, and a second for the students (ours are done by grade level). At the root of the building folder both security groups have read and execute to allow them to traverse the folder structure. At the pickup level, the specific teacher will have Read/Write on sub folders and files only so they can manage files without being able to delete the pickup folder itself. The drop off folder though is a bit more intricate. We can't allow students read and list to this or they'll be able open other student's completed assignments, and since the students group has read/execute at the building level, we'll need to block inheritance on this folder. Once inheritance is blocked, the students group is given create files/write data only. Teachers are given the same permissions as on the pickup folder: RW on sub folders and files only. Now all the students can do is blindly save files to this folder.

That's pretty much the gist of drop off and pickup folders, but creating these by hand would be an enormous time sink, so I wrote a VB script that will handle bulk creation. This script will pull teacher names from an OU in Active Directly, and will pass off permission settings to icacls. All you have to do is create a fresh building folder on a share somewhere, edit the strings at the top of the script and let it go.

Cheers!

Code:
strLDAPPath = "LDAP://OU=BuildingA,OU=Staff,OU=Organization,DC=sampledomain,DC=com"
strUNCPath = "\\server\Dropbox\BuildingA\"
strTeacherGroup = "BuildingA_Staff"
strStudentGroup = "BuildingA_Students"

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objShell = WScript.CreateObject("WScript.Shell")    
Set objContainer = GetObject(strLDAPPath)
objContainer.Filter = Array("user")

objRun = objShell.Run("icacls" & Chr(32) & strUNCPath & Chr(32) & "/grant" & Chr(32) & strTeacherGroup & ":(OI)(CI)RX")
WScript.Sleep 100
objRun = objShell.Run("icacls" & Chr(32) & strUNCPath & Chr(32) & "/grant" & Chr(32) & strStudentGroup & ":(OI)(CI)RX")

For Each User in objContainer

	strUser = User.SAMAccountName
	strFullPath = strUNCPath & strUser
	
	On Error Resume Next
	Set objFolder = objFSO.CreateFolder(strFullPath)
	
	If Err.Number <> 0 Then
		strLog = strLog & strUser & Chr(58) & Chr(32) & Err.Description & Chr(13)
	Else
		Set objFolder = objFSO.CreateFolder(strFullPath & "\Pickup")
		Set objFolder = objFSO.CreateFolder(strFullPath & "\DropOff")
			
		objRun = objShell.Run("icacls" & Chr(32) & strFullPath & "\DropOff" & Chr(32) & "/inheritance:d")
		wscript.sleep 400
		objRun = objShell.Run("icacls" & Chr(32) & strFullPath & "\DropOff" & Chr(32) & "/remove:g" & Chr(32) & strStudentGroup)
		wscript.sleep 400
		objRun = objShell.Run("icacls" & Chr(32) & strFullPath & "\DropOff" & Chr(32) & "/grant" & Chr(32) & strStudentGroup & ":(OI)(CI)(WD)")
		wscript.sleep 100
		objRun = objShell.Run("icacls" & Chr(32) & strFullPath & "\Pickup" & Chr(32) & "/grant" & Chr(32) & strUser & ":(OI)(CI)(WD,AD,DC,X,RA,RD,REA)")
		wscript.sleep 400
		objRun = objShell.Run("icacls" & Chr(32) & strFullPath & "\DropOff" & Chr(32) & "/grant" & Chr(32) & strUser & ":(OI)(CI)(WD,AD,DC,X,RA,RD,REA)")
		
	End If
	
	WScript.Sleep 100

Next

'msgbox strLog

Updated 20th August 2012 at 02:02 PM by Duke5A

Categories
VB Script

Comments

  1. vbcode4u's Avatar
    good work

Trackbacks

Total Trackbacks 0
Trackback URL: