Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
publicScripts/Windows/server/New-UserShares.ps1
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
103 lines (89 sloc)
3.66 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
.SYNOPSIS | |
Create a new shared folder for each users in a group. | |
.DESCRIPTION | |
The New-UserShares function will create a shared folder for each users from a specified group. | |
.EXAMPLE | |
C:\>.\New-UserShares -GroupName TEST_AD_GROUP -Directory D:\UserShares | |
Creates a new shared folder in D:\UserShares for each member of TEST_AD_GROUP | |
.EXAMPLE | |
C:\>.\New-UserShares -GroupName TEST_AD_GROUP | |
Creates a new shared folder in the current directory for each member of TEST_AD_GROUP | |
.EXAMPLE | |
C:\>.\New-UserShares -GroupName TEST_AD_GROUP -Directory D:\UserShares -logFile D:\scriptLogs\New-UserShares.log | |
Creates a new shared folder in D:\UserShares for each member of TEST_AD_GROUP and outputs the log transcript to a .log file | |
#> | |
Param( | |
#Group to select a list of users from. | |
[Parameter(Mandatory=$True,Position=0)] | |
[AllowEmptyString()] | |
[string]$GroupName, | |
#Directory that users folders will be created. | |
[Parameter(Position=1)] | |
[string]$Directory=".", | |
#Logfile for transcript. | |
[Parameter(Position=2)] | |
[string]$logFile | |
) | |
if(!($GroupName)){ | |
Write-Output "ERROR: GroupName Parameter is Mandatory" | |
Get-Help $PSCommandPath -Examples | |
Write-Output "Run the below command for more information:`n Get-Help `"$PSCommandPath`" -Full" | |
exit | |
} | |
$Directory = $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($Directory) | |
function Get-GroupMembers($strGroupName){ | |
$objDomain = New-Object System.DirectoryServices.DirectoryEntry | |
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher | |
$strFilter = "(&(objectCategory=Group)(name=" + $strGroupName + "))" | |
$objSearcher.SearchRoot = $objDomain | |
$objSearcher.PageSize = 1000 | |
$objSearcher.Filter = $strFilter | |
$objSearcher.SearchScope = "Subtree" | |
$colResults = $objSearcher.FindAll() | |
return $colResults | |
} | |
function New-Directory($dirName){ | |
If (!(Test-Path -path $dirName)) { | |
New-Item $dirName -type directory | |
} | |
} | |
function New-LogFile($logFile){ | |
if($logFile){ | |
$logFile = $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($logFile) | |
If (([IO.FileInfo]$logFile).Attributes -match 'Directory') { | |
Write-Output "ERROR: The logFile specified is a directory" | |
Get-Help $PSCommandPath -Examples | |
exit | |
} | |
Start-Transcript $logFile | |
} | |
} | |
function New-UserShares{ | |
$groupMembers = Get-GroupMembers($GroupName) | |
$inherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit" | |
$prop = [system.security.accesscontrol.PropagationFlags]"None" | |
# Create Baseuser folder if it doesn't exist already | |
New-Directory($Directory+"\baseuser") | |
foreach ($objResult in $groupMembers) | |
{ | |
$objGroup = $objResult.GetDirectoryEntry() | |
$members = $objGroup.member | |
foreach ($m in $members) { | |
$username = $m.split(",")[0] | |
$username=$username.replace("CN=","") | |
$username | |
# Create RCS ID directory if it doesn't exist already | |
New-Directory($Directory+"\"+$username) | |
$acl = (Get-Item $Directory"\"baseuser).GetAccessControl('Access') | |
$ar = New-Object system.security.accesscontrol.filesystemaccessrule( $username ,"Modify",$inherit, $prop, "Allow") | |
$acl.SetAccessRule($ar) | |
Set-Acl $Directory"\"$username $acl | |
If (!(GET-WMIOBJECT Win32_Share -filter "name='$username$'")) { | |
New-SmbShare -Name "$username$" -Path "$Directory\$username" -ChangeAccess Everyone | |
} | |
} | |
} | |
} | |
New-LogFile $logFile | |
New-UserShares @args |