+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 21
Windows Server 2008 R2 Thread, Bulk users and home folders - best practice? in Technical; Hi, I am setting up a new server 2008 r2 with windows 7 clients and I'm looking for a bit ...
  1. #1

    Join Date
    Apr 2011
    Posts
    52
    Thank Post
    3
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Bulk users and home folders - best practice?

    Hi,

    I am setting up a new server 2008 r2 with windows 7 clients and I'm looking for a bit of advice on how best to bulk add students and teachers and assign them their home folders.

    This is my first time setting up a 2008 r2 server and I'm getting a bit confused.

    I have set up a shared folder d:\work$ and within this I have subfolders for students and staff which is then divided again into year groups e.g. d:\work$\students\2011\

    I want to create the 200 users in ad, create a folder for each of them under 2011 folder, set up folder redirection and roaming profiles.

    What is the best way to go about this? Should I be scripting everything, the adding users, creating folders and setting rights to the folders? or should I just be using a script to add the users to AD and using gpo to do everything else?

    Thanks

  2. #2
    simpsonj's Avatar
    Join Date
    Apr 2009
    Location
    Oxford
    Posts
    414
    Thank Post
    168
    Thanked 71 Times in 60 Posts
    Blog Entries
    8
    Rep Power
    23
    You might find this useful... Mikey Magic's Web Site - Active User Manager

    Folder redirection is/can be done purely through group policy, and folders for My Documents will be automatically made when you create the users in AD, as long as you set a Home Directory path.

    I would advise setting up another share for profiles, and setting the profile path in AD for the users as well. A useful tip would be to use %USERNAME% when typing in the profile and home directory locations. For example, your 2011 students would have \\<servername>\work$\students\2011\%USERNAME% as their home directory and \\<servername>\profiles$\students\2011\%USERNAME% as their profile path.

    There shouldn't be a need to script anything, but there is more than one way to skin a cat!

  3. 2 Thanks to simpsonj:

    cheeseslice (10th May 2011), stevenlong1985 (27th September 2012)

  4. #3

    Join Date
    Apr 2011
    Posts
    52
    Thank Post
    3
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    thanks for the quick reply.

    I'm having a look at the link you gave me now.

    What permissions do I have to set on my share work$?

  5. #4
    simpsonj's Avatar
    Join Date
    Apr 2009
    Location
    Oxford
    Posts
    414
    Thank Post
    168
    Thanked 71 Times in 60 Posts
    Blog Entries
    8
    Rep Power
    23
    I would set the share permission to have Everyone with Full Control, but make sure the folders themselves only give the student in question and the Administrator access. But other people will have different ideas on security. I'm reasonable lax because I don't think the students here are malicious, others won't give students an inch.

  6. #5

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,080
    Thank Post
    160
    Thanked 941 Times in 733 Posts
    Blog Entries
    3
    Rep Power
    276
    Morning,

    Check out the tools from Wise Soft WiseSoft - Resources for IT Professionals

    I've used them many of times before without fail! will do what you want without any issues.

    Account Management Spreadsheet < That will create your user accounts and allow you to fill in information.
    Bulk AD Users < That will help with bulk modifying the users attributes.

    I hope that helps,

    James.

  7. #6
    browolf's Avatar
    Join Date
    Jun 2005
    Location
    Mars
    Posts
    1,540
    Thank Post
    112
    Thanked 89 Times in 75 Posts
    Blog Entries
    47
    Rep Power
    41
    you don't need a subfolder called 'students' that should be obvious.
    For each year make a folder which the name is the year they started. for staff the folder is staff. share these folders

    so you have

    d:\userareas
    \staff$
    \2010$
    \2009$
    etc


    no need to make it more complicated than it needs to be

  8. #7
    simpsonj's Avatar
    Join Date
    Apr 2009
    Location
    Oxford
    Posts
    414
    Thank Post
    168
    Thanked 71 Times in 60 Posts
    Blog Entries
    8
    Rep Power
    23
    Second the Wisesoft software, very handy (just make sure that you use it carefully, I have managed to mess up big style using the Bulk AD Users software...)

  9. #8

    Join Date
    Apr 2011
    Posts
    52
    Thank Post
    3
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by browolf View Post
    you don't need a subfolder called 'students' that should be obvious.
    For each year make a folder which the name is the year they started. for staff the folder is staff....

    no need to make it more complicated than it needs to be
    You are right, there is no need for me to do that, I'll change that now.

    Am I right in saying that I don't have to stipulate a home folder if I am going to use a folder redirection gpo?

    With folder redirection, will I have to make a policy for each intake year so that the redirection goes to the appropriate subfolder?

  10. #9
    simpsonj's Avatar
    Join Date
    Apr 2009
    Location
    Oxford
    Posts
    414
    Thank Post
    168
    Thanked 71 Times in 60 Posts
    Blog Entries
    8
    Rep Power
    23
    Personally I give them a home folder in AD and then redirect to the home folder, so that you don't need to do part 2 of your post and make a different GPO for each year (though you can set different redirections based on group membership if thats the route you want to take). I've found that Windows 7 was a bit grumpy about redirecting My Docs unless it was set to redirect Home Directory, but YMMV.

    As a heads up, you might want to ensure that Libraries are dealt with in any way you see fit. The reason being is that if the Redirection fails, they will still have a My Documents, but it will be the C:\Users\Public\ My Docs, leading kids to save onto C: and thus it won't be there when they log back in. I use a mandatory profile to get around this issue, but if you're using individual profiles you might want to look into an alternative...

  11. #10

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,689
    Thank Post
    756
    Thanked 1,715 Times in 1,526 Posts
    Rep Power
    438
    If you have a staff folder and a student folder then you only need to make 2 shares i.e staff$ and student$ whereas if you just use year of entry folders 2010, 2011 etc... you will have more shares.

    There is a MS document on technet regarding default permissions.

    You can use tools such as dsadd or csvde to create the accounts.

    Don't bother with trying to use the $username$ substitution if trying out dsadd it doesn't work.

    Once they are created you can do a bulk modify on the home folder attribute and change it to \\server\student$\2011\%username% or whatever path matches in your environment and it will automatically create the home folders for you.

    Ben

  12. #11
    simpsonj's Avatar
    Join Date
    Apr 2009
    Location
    Oxford
    Posts
    414
    Thank Post
    168
    Thanked 71 Times in 60 Posts
    Blog Entries
    8
    Rep Power
    23
    My own personal concern with creating one share and putting every user under that one share is that shares have been known to fail (or they have for me), and the more people rely on that share, the more of a pain it can be. I have every student having their own hidden share, which for many is OTT, but when the share fails (for whatever reason) only one student is afffected, not the entire year or all students... But again, that's completely personal

  13. #12

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,260
    Thank Post
    290
    Thanked 796 Times in 605 Posts
    Rep Power
    348
    Quote Originally Posted by cheeseslice View Post
    You are right, there is no need for me to do that, I'll change that now.

    Am I right in saying that I don't have to stipulate a home folder if I am going to use a folder redirection gpo?

    With folder redirection, will I have to make a policy for each intake year so that the redirection goes to the appropriate subfolder?
    You can use an advanced redirection policy to do it by group membership which is probably the easiest way. No need for home folders, very NT4 ;-)

  14. #13

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,260
    Thank Post
    290
    Thanked 796 Times in 605 Posts
    Rep Power
    348
    Quote Originally Posted by simpsonj View Post
    My own personal concern with creating one share and putting every user under that one share is that shares have been known to fail (or they have for me), and the more people rely on that share, the more of a pain it can be. I have every student having their own hidden share, which for many is OTT, but when the share fails (for whatever reason) only one student is afffected, not the entire year or all students... But again, that's completely personal
    If you're getting shares fail on a regular basis then you have some serious problems with your network infrastructure.

  15. #14

    Join Date
    Apr 2011
    Posts
    52
    Thank Post
    3
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by teejay View Post
    You can use an advanced redirection policy to do it by group membership which is probably the easiest way. No need for home folders, very NT4 ;-)
    Do you use roaming profiles as well? I'm trying to work out if they are worthwhile or not in a school environment. I have been asked to create a group policy that locks down as much as possible. Though I think that it is nearly impossible to do this without some sort of third party software.

  16. #15

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,689
    Thank Post
    756
    Thanked 1,715 Times in 1,526 Posts
    Rep Power
    438
    Quote Originally Posted by cheeseslice View Post
    Do you use roaming profiles as well? I'm trying to work out if they are worthwhile or not in a school environment. I have been asked to create a group policy that locks down as much as possible. Though I think that it is nearly impossible to do this without some sort of third party software.
    You can lock down your clients very tightly using just GPO and GPP no need for 3rd party tools.

    Ben



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. change ownership of home folders in bulk
    By jdibsdale in forum Windows
    Replies: 9
    Last Post: 31st March 2010, 05:13 PM
  2. Create Bulk users and Folders
    By DanW in forum Scripts
    Replies: 14
    Last Post: 20th September 2009, 04:08 PM
  3. Mass Delete Users Home Folders
    By Techie101 in forum Windows Server 2000/2003
    Replies: 4
    Last Post: 13th July 2009, 04:26 PM
  4. Random all users home folders available!
    By theeldergeek in forum Wireless Networks
    Replies: 5
    Last Post: 21st January 2009, 05:50 PM
  5. Moodle: Users home folders
    By timbo343 in forum Virtual Learning Platforms
    Replies: 15
    Last Post: 15th July 2008, 04:38 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •