+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 20
Windows Server 2008 Thread, Creating User folder heirarchy with scripting or program in Technical; Hello All, I am absolutely new to this forum but feel like I have done due diligence and looked through ...
  1. #1
    jlondon's Avatar
    Join Date
    Jun 2010
    Location
    Minneapolis
    Posts
    12
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Creating User folder heirarchy with scripting or program

    Hello All,
    I am absolutely new to this forum but feel like I have done due diligence and looked through for this particular issue. If you find something I missed my apologies.. So with that said...


    Looking to create a folder for each user with the following perms in place on each folder
    Username <-- All have list with domain admins as folder owner
    Public <-- All have read and write access on this folder
    Private <--only the user has access READ, WRITE, EDIT
    Dropbox <-- user has full access others can only write to this folder
    I would like to be able to script this but am open to software solutions as well.
    My previous solution of creating these folders with a good old perl script don't work any longer on server 2008
    help!!
    I would even be fine with getting the basics of how to append to my initial script and be able to add the command to my broken perl script.
    On my pre Server 2008 boxes, could create and set up these shares but alas now it bombs out.
    mkdir E:\Faculty\username
    macfile directory /path:E:\Faculty\username /owner:"USAdmins" /group:username /permissions:11111111010
    mkdir E:\Faculty\username\public
    macfile directory /path:E:\Faculty\username\public /owner:"USAdmins" /group:username /permissions:11111111010
    mkdir E:\Faculty\username\private
    macfile directory /path:E:\Faculty\username\private /owner:"USAdmins" /group:username /permissions:11111100010
    mkdir E:\Faculty\username\dropbox
    macfile directory /path:E:\Faculty\username\dropbox /owner:"USAdmins" /group:username /permissions:11111100110mkdir E:\Faculty\username
    macfile directory /path:E:\Faculty\username /owner:"USAdmins" /group:username /permissions:11111111010
    mkdir E:\Faculty\username\public
    macfile directory /path:E:\Faculty\username\public /owner:"USAdmins" /group:username /permissions:11111111010
    mkdir E:\Faculty\username\private
    macfile directory /path:E:\Faculty\username\private /owner:"USAdmins" /group:username /permissions:11111100010
    mkdir E:\Faculty\username\dropbox
    macfile directory /path:E:\Faculty\username\dropbox /owner:"USAdmins" /group:username /permissions:11111100110

    while macfile is no longer a usable or recognizable command for Windows 2008 with the support of AFP going away, I would appreciate the commands to set the permissions for the SMB share. We are now using ExtremeZ-IP and it wil handle the sharing portion for our MAC users.

    Thank you for your time!!
    Joe

  2. #2

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,622
    Thank Post
    1,240
    Thanked 777 Times in 674 Posts
    Rep Power
    235
    Quote Originally Posted by jlondon View Post
    Looking to create a folder for each user with the following perms in place on each folder
    Don't you just need to list your users somehow, then iterate over that list to create the folders and set the permissions you want? I seem to remember Visual Basic Script has something built-in to do that, but I'm sure there's a command-line utility you could run from a Perl script and just read the output of, line by line.

    This page would seem to tell you how to set file / folder permissions via the command line:

    Set Permissions for Shared Folders

    --
    David Hicks

  3. #3
    jlondon's Avatar
    Join Date
    Jun 2010
    Location
    Minneapolis
    Posts
    12
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by jlondon View Post
    My previous solution of creating these folders with a good old perl script don't work any longer on server 2008

    I would even be fine with getting the basics of how to append to my initial script and be able to add the command to my broken perl script.
    Joe
    David, That is correct. It can be done with a script I have accomplished simple folder creation in the past with software like dovestones, and had success in the past with creating not only the users folders and a nested heirarchy from a perl script. My perl script was for setting security on afp shares so it is now broken.
    Thank you for responding and will take a look at this resource. What is such a bummer is the script that i have not only made folders but also would parse out an nt file to feed into ad to create the accounts, build a bat file to run on the server to make their user folders, and then created a script to build their FirstClass email accounts. It was very slick and for 1100 accounts, pretty important :-)
    Thanks a lot for reading and replying. Your time it is much appreciated.

    Best Regards,
    Joe London

  4. #4

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,622
    Thank Post
    1,240
    Thanked 777 Times in 674 Posts
    Rep Power
    235
    Quote Originally Posted by jlondon View Post
    My perl script was for setting security on afp shares so it is now broken.
    Right, have I got this traight here: you have a Windows domain controller, but you store your user file areas on a Mac server. The root folder for the user folder is available as a share of some kind (SMB?) from the Mac server, and is mounted as drive E: on your domain controller (or wherever it is you're trying to run this script from). Is that correct?

    So, you now can't use the "macfile" command-line tool to set permissions on folder stored on E: drive. Does the "mkdir" command still work - can you still create folders and so on okay?

    --
    David Hicks

  5. #5
    jlondon's Avatar
    Join Date
    Jun 2010
    Location
    Minneapolis
    Posts
    12
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by dhicks View Post
    Right, have I got this traight here: you have a Windows domain controller, but you store your user file areas on a Mac server. The root folder for the user folder is available as a share of some kind (SMB?) from the Mac server, and is mounted as drive E: on your domain controller (or wherever it is you're trying to run this script from). Is that correct?

    So, you now can't use the "macfile" command-line tool to set permissions on folder stored on E: drive. Does the "mkdir" command still work - can you still create folders and so on okay?

    --
    David Hicks
    David,
    You are correct that this is a DC but the shares are created and live on this server. The server used to be 2003 STD but is the new server is SVR 2008 R2. With Server 2008 support for mac shares has gone away. We are using ExtremeZ-IP to handle the AFP shares. I can still make folders but the challenging part is that now to set perms, will need to do this with NTFS permissions. I thought I would throw this out on the edugeek forums to see what other admins use to make their student folders every year.
    So to be clear, the shares do live on this server, it is a windows box, and the end goal is to run a script against a csv file that will build a nested series of folders with specific rights for each user.

    Best Regards,
    Joe

  6. #6

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,622
    Thank Post
    1,240
    Thanked 777 Times in 674 Posts
    Rep Power
    235
    Quote Originally Posted by jlondon View Post
    We are using ExtremeZ-IP to handle the AFP shares.
    Does ExtremeZ-IP have an equivilent command line utility you could use? What Mac clients do you have to connect to the Windows machines - if they're all Mac OS X, do you actually need AFP shares or could you switch to SMB shares and mount them from the Mac clients with Samba? Could you run the script on a Mac - will it let you set appropriate file permissions from there?

    the end goal is to run a script against a csv file that will build a nested series of folders with specific rights for each user.
    Why a CSV file, and where does that CSV file come from - is it typed in by hand, or generated from something else? Could you just get your script to get a list of current users from your Active Directory server each time it ran?

    --
    David Hicks

  7. #7
    jlondon's Avatar
    Join Date
    Jun 2010
    Location
    Minneapolis
    Posts
    12
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by dhicks View Post
    Does ExtremeZ-IP have an equivilent command line utility you could use? What Mac clients do you have to connect to the Windows machines - if they're all Mac OS X, do you actually need AFP shares or could you switch to SMB shares and mount them from the Mac clients with Samba? Could you run the script on a Mac - will it let you set appropriate file permissions from there?



    Why a CSV file, and where does that CSV file come from - is it typed in by hand, or generated from something else? Could you just get your script to get a list of current users from your Active Directory server each time it ran?

    --
    David Hicks
    The source of the csv is output from a database. I am looking to create these folders, share them out on my windows server running 2008, and then pass along the smb shares for ExtremeZ-IP to handle sharing to the Mac users. This is my end goal.

    Cheers and thanks for your input!
    Joe

  8. #8

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,622
    Thank Post
    1,240
    Thanked 777 Times in 674 Posts
    Rep Power
    235
    Quote Originally Posted by jlondon View Post
    The source of the csv is output from a database.
    Why - are there users listed there that aren't in Active Directory, or is there some other difference between the two sets of users? Why do you need the CSV file as another intermediate step?

    I am looking to create these folders, share them out on my windows server running 2008, and then pass along the smb shares for ExtremeZ-IP to handle sharing to the Mac users.
    Your script can still do the first two parts, though, right - it can still create the directory tree to be shared out by your Windows Server 2008 machine? You just don't have the Windows "macfile" commandline tool to set Mac file permissions as you used to. Does ExtremeZ-IP not have an equivilent command line utility?

    What Mac clients do you have to connect to the Windows machines - if they're all Mac OS X, do you actually need AFP shares or could you switch to SMB shares and mount them from the Mac clients with Samba?

    Could you run the script on a Mac - will it let you set appropriate file permissions from there?

    --
    David Hicks

  9. #9
    jlondon's Avatar
    Join Date
    Jun 2010
    Location
    Minneapolis
    Posts
    12
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I am looking to do all of this on the server. ExtremeZ-IP does not have that capability it only takes the shares and perms the server has for the windows shares and hosts them as afp shares.

    There has surely been someone else that has scripted out the creation of their users folders with some nested folders out there :-)


    Setting up a script that will create the folders below and set appropriate permissions for each folder.
    Username <-- All have list with domain admins as folder owner
    Public <-- All have read and write access on this folder
    Private <--only the user has access READ, WRITE, EDIT
    Dropbox <-- user has full access others can only write to this folder

    Best Regards,
    Joe

  10. #10

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,622
    Thank Post
    1,240
    Thanked 777 Times in 674 Posts
    Rep Power
    235
    Quote Originally Posted by jlondon View Post
    ExtremeZ-IP does not have that capability it only takes the shares and perms the server has for the windows shares and hosts them as afp shares.
    So ExtremeZ-IP translates Windows file / folder permissions in to Mac permissions?

    --
    David Hicks

  11. #11
    jlondon's Avatar
    Join Date
    Jun 2010
    Location
    Minneapolis
    Posts
    12
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Yes it hosts the windows shares and also hosts printer shares for mac users.

  12. #12

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,622
    Thank Post
    1,240
    Thanked 777 Times in 674 Posts
    Rep Power
    235
    Quote Originally Posted by jlondon View Post
    Yes it hosts the windows shares and also hosts printer shares for mac users.
    Okay, so is this correct: you have a Windows 2008 Server machine that acts as an Active Directory server and a file server, so any Windows clients that connect to the server will see a bunch of file shares. It also runs ExtremeZ-IP, so when Mac users connect to the server they see the same file shares, with the same file permissions set by NTFS, but in a Mac-specific way? If that's right, can't you just set NTFS file permissions on the server with the "cacls" command line utility, i.e.:

    Code:
    for username in getListOfUsers():
        mkdir username
        mkdir username + "/Public"
        mkdir username + "/Private"
        mkdir username + "/Dropbox"
        system("cacls " + username + " ... ")
        ...
    --
    David Hicks

  13. #13
    jlondon's Avatar
    Join Date
    Jun 2010
    Location
    Minneapolis
    Posts
    12
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by dhicks View Post
    Okay, so is this correct: you have a Windows 2008 Server machine that acts as an Active Directory server and a file server, so any Windows clients that connect to the server will see a bunch of file shares. It also runs ExtremeZ-IP, so when Mac users connect to the server they see the same file shares, with the same file permissions set by NTFS, but in a Mac-specific way? If that's right, can't you just set NTFS file permissions on the server with the "cacls" command line utility, i.e.:

    Code:
    for username in getListOfUsers():
    
    
        mkdir username
        mkdir username + "/Public"
        mkdir username + "/Private"
        mkdir username + "/Dropbox"
        system("cacls " + username + " ... ")
        ...
    --
    David Hicks
    David, I am not up on setting cacls but if it would work would be happy to try. Is this how you set your users folder up? I am trying to get examples of how other Network Managers go about setting up their users folders. Thank you for your help!
    Sincerely,
    Joe

  14. #14
    jlondon's Avatar
    Join Date
    Jun 2010
    Location
    Minneapolis
    Posts
    12
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Progress is good

    I have this nice script now thanks to Matthew Beattie on Technet Forums
    What I now need is to get the permissions set for each folder. Any scripting gurus out there willing to take a look? Thank you thank you for your help and time!!

    Code:
    Option Explicit
    Dim objFSO
    On Error Resume Next
     Set objFSO = CreateObject("Scripting.FileSystemObject")
     ProcessScript
     If Err.Number <> 0 Then
      Wscript.Quit
     End If
    On Error Goto 0
    '-------------------------------------------------------------------------------------------------
    'Functions Processing Section
    '-------------------------------------------------------------------------------------------------
    'Name  : ProcessScript -> Primary Function that controls all other script processing.
    'Parameters : None   ->
    'Return  : None   ->
    '-------------------------------------------------------------------------------------------------
    Function ProcessScript
     Dim userNames, userName
     Dim folderSpec, folderNames, folderName 
     folderSpec = "C:\Data\Homedrives"
     userNames = Array("user1","user2","user3")
     folderNames = Array("Public","Private","Dropbox")
     '----------------------------------------------------------------------------------------------
     'Create the folder structure for each user.
     '----------------------------------------------------------------------------------------------
     For Each userName In userNames
      Do
       If Not CreateFolder(folderSpec & "\" & userName) Then
       Exit Do
       End If
       For Each folderName In folderNames
       Do
        If Not CreateFolder(folderSpec & "\" & userName & "\" & folderName) Then
         Exit Do
        End If
       Loop Until True
       Next
      Loop Until True
     Next
    End Function
    '-------------------------------------------------------------------------------------------------
    'Name  : CreateFolder -> Recursive Function to Create a directory structure or single folder.
    'Parameters : folderSpec -> Path of folder\folders to create.
    'Return  : CreateFolder -> Returns True if the directory structure was successfully created otherwise False.
    '-------------------------------------------------------------------------------------------------
    Function CreateFolder(folderSpec)
     CreateFolder = False
     If Not objFSO.FolderExists(folderSpec) Then
      If InStrRev(folderSpec, "\") <> 0 Then
       If Not CreateFolder(Left(folderSpec, InStrRev(folderSpec, "\") - 1)) Then
       Exit Function
       End If
      End If
      On Error Resume Next
       objFSO.CreateFolder folderSpec
       If Err.Number <> 0 Then
       Exit Function
       End If
      On Error Goto 0
     End If
     CreateFolder = True
    End Function
    '-------------------------------------------------------------------------------------------------

  15. #15

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,622
    Thank Post
    1,240
    Thanked 777 Times in 674 Posts
    Rep Power
    235
    Quote Originally Posted by jlondon View Post
    I am not up on setting cacls but if it would work would be happy to try.
    "cacls" is a command line utility used for setting permissions on file shares:

    Set Permissions for Shared Folders

    Just use it from your favourite scripting language, however that scripting language runs command-line utilities. Probably best to try it from a command prompt, manually, yourself first to see if it works correctly.

    --
    David Hicks

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Creating Home Folder.. and getting it to map for users
    By dgrams in forum How do you do....it?
    Replies: 16
    Last Post: 26th February 2010, 05:15 PM
  2. Replies: 3
    Last Post: 10th July 2009, 03:11 PM
  3. Delete a folder using scripting
    By FN-GM in forum Scripts
    Replies: 15
    Last Post: 22nd December 2007, 04:44 PM
  4. Creating a B2D folder on a LinkStation
    By randle in forum Windows
    Replies: 0
    Last Post: 22nd August 2007, 09:45 AM
  5. Replies: 3
    Last Post: 16th November 2006, 09:55 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •