Moving user homes drives from a share per user setup, to a single base share and folder per user

Posted: March 14, 2012 in File Operations, Scripts

I had an interesting one this week. The company I was doing work for had a user home drive setup, where by each user had a hidden share on the main file server. This is very different to what I have seen in the passed. I’m used to seeing a single base share, eg. \\fileserver\users$\, where each user then has a sub folder that their home drive maps too. In this case, every user had it’s own share, eg. \\fileserver\dylan$. As part of the migration, there was a decision made to switch this setup around to have a single base share.

In order to do this, we made some modifications to the login script first. It now checks to see if the original user share exists, if it does, it will use that for the home drive mapping. If not, it will try and map to the new location. OK, so that’s all good and well. Now we need to start moving everything over and in the process, get rid of the the user shares on the old file server. It should be no surprise that I used PowerShell to do this. You will need the Quest Active Roles Management plugins for this to work and a list of the target usernames saved to the text file referenced.

# List of usernames to be targetted
$UserList = Get-Content .\MigrationList.txt

# Name of the current server hosting the home drive shares
$SourceServer = “FileServer1”

# Name of the destination server where new home folders will be stored
$DestServer = “FileServer2″

ForEach ($User in $UserList){
# Check to make sure the folder doesn’t already exist
If (!(Test-Path \\$DestServer\user\$User)){
# Get our AD user object
$objUser = Get-QADUser $User

# Set the variable for the source share name
$ShareName = $UserName + ‘$’

# Create the new home folder
mkdir \\$DestServer\user\$User

# Get the base permissions from our template directory
$ACL = Get-ACL \\$DestServer\user\perms

# Setup the variable that we need to give the user modify rights
$colRights = [System.Security.AccessControl.FileSystemRights]”Modify”
$InheritanceFlag = [System.Security.AccessControl.InheritanceFlags]::ContainerInherit -bor [System.Security.AccessControl.InheritanceFlags]::ObjectInherit
$PropagationFlag = [System.Security.AccessControl.PropagationFlags]::None
$objType =[System.Security.AccessControl.AccessControlType]::Allow

# Create the access rule
$AccessRule = new-object System.Security.AccessControl.FileSystemAccessRule($objUser, $colRights, $InheritanceFlag, $PropagationFlag, $objType)

# Add the access rule to the ACL
$ACL.SetAccessRule($AccessRule)

# Set the ACL on the directory
$ACL | Set-ACL \\$DestServer\user\$User

# Call RoboCopy to get the file accross
robocopy /MIR /E /R:0 /W:0 \\$SourceServer\$ShareName \\$DestServer\User\$User

# Delete the user share from the source server
(Get-WmiObject -Class Win32_Share -ComputerName $SourceServer | Where { $_.Name -eq $ShareName} ).InvokeMethod(“Delete”,$null)

}
}

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s