{"id":3493,"date":"2013-06-04T00:01:00","date_gmt":"2013-06-04T00:01:00","guid":{"rendered":"https:\/\/blogs.technet.microsoft.com\/heyscriptingguy\/2013\/06\/04\/creating-a-home-drive-with-windows-powershell-part-1\/"},"modified":"2013-06-04T00:01:00","modified_gmt":"2013-06-04T00:01:00","slug":"creating-a-home-drive-with-windows-powershell-part-1","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/scripting\/creating-a-home-drive-with-windows-powershell-part-1\/","title":{"rendered":"Creating a Home Drive with Windows PowerShell: Part 1"},"content":{"rendered":"<p><strong style=\"font-size: 12px\">Summary<\/strong><span style=\"font-size: 12px\">: Microsoft PowerShell MVP and Honorary Scripting Guy, Sean Kearney, begins a discussion about home drives and Windows PowerShell.<\/span>\nMicrosoft Scripting Guy, Ed Wilson, is here. If you are a seasoned Hey, Scripting Guy! Blog reader, you know that the most frequent guest blogger is Sean Kearney. If you are new to the blog, I welcome you, and I encourage you to catch up with&nbsp;<a href=\"http:\/\/blogs.technet.com\/b\/heyscriptingguy\/archive\/tags\/sean+kearney\/\" target=\"_blank\">Sean&rsquo;s previous blogs<\/a>.\nSean is a Windows PowerShell MVP and&nbsp;<a href=\"http:\/\/blogs.technet.comhttps:\/\/devblogs.microsoft.com\/scripting\/honorary-scripting-guy-award-recipients-announced\/\" target=\"_blank\">an Honorary Scripting Guy.<\/a>&nbsp;Sean has been selected to present sessions called&nbsp;<a href=\"https:\/\/channel9.msdn.com\/Events\/TechEd\/NorthAmerica\/2013\/MDC-B326#fbid=rHDRO4Syj3v\" target=\"_blank\">Integrating with Microsoft System Center 2012 and Windows PowerShell<\/a>&nbsp;at TechEd NA and TechEd Europe this year. In his free time, Sean has written several blog posts about Hyper-V and some other cool stuff. Sean will be the blogger all week, and today he is writing about passwords.\nBTW, if you are in New Orleans for TechEd this week, be sure to come by the Scripting Guys booth and say hello. The Scripting Wife and I will be there in addition to Chris Duck and <a href=\"http:\/\/blogs.technet.com\/b\/heyscriptingguy\/archive\/tags\/brian+wilhite\/\" target=\"_blank\">Brian Wilhite<\/a>. We also invited <a href=\"http:\/\/www.powershell.org\/\" target=\"_blank\">www.powershell.org<\/a> to share the booth with us, so come by say hello to Don Jones, Jason Helmick, and Mike Robbins. I am also sure Sean will be hanging out at the booth.\nHere&rsquo;s Sean&hellip;\nIn many companies, staff will have a private drive letter or &ldquo;home drive&rdquo; allocated for their use. I have seen quite a few ways the drives are set up, but the simplest structure I have seen that works well is a &ldquo;root&rdquo; user&rsquo;s drive that is shared out as hidden with appropriate permissions. From that folder, users are mapped to private subfolders that only they or Administrative staff can access.\nIn our scenario, if we had a folder on the root of a file server called E:Users shared out at \\CONTOSO-FPSUsers$, we could set up a standard of mapping each user&rsquo;s home folder to drive Z:.\nNormally within Active Directory, we might configure a home drive to \\CONTOSO-FPSUsers$%USERNAME%. This would create the folder, set the Active Directory attributes for home drive to that location, and set the appropriate permissions.\nWe can replicate this process in Windows PowerShell with the following steps:<\/p>\n<ul>\n<li>Set the property in Active Directory with SET-QADUSER<\/li>\n<li>Create the folder under our root folder structure for the user<\/li>\n<li>Set the permissions with the magic of .NET<\/li>\n<\/ul>\n<p>If you&rsquo;re an IT professional and you just saw .NET, do not&hellip;I repeat, DO NOT PANIC. We&rsquo;re going to show some of the how, but leave the important piece at the end so you can do it with Windows PowerShell by supplying what you need.\nTo set a drive letter and path for any user in Active Directory, we need only use the <strong>Set-ADUser<\/strong> cmdlet with three parameters: <strong>HomeDrive<\/strong>, <strong>HomeDirectory<\/strong>, and the Alias of the user in Active Directory.\n<strong>HomeDrive<\/strong> is the drive letter you would like mapped for a home drive. <strong>HomeDirectory<\/strong> is the UNC path name on your network that is unique to that user.\nIf I&rsquo;d like to assign drive Z: to the folder \\CONTOSO-FPSUsers$JohnSmith, I would use the following command:<strong><\/strong><\/p>\n<p style=\"padding-left: 30px\">SET-ADUSER johnsmith &ndash;HomeDrive &lsquo;Z:&rsquo; &ndash;HomeDirectory &lsquo;\\CONTOSO-FPSUsers$JohnSmith&rsquo;\nBut to make this more automated, we should supply variables. If this were a new user script, we might already have at least the user alias defined. As such we can leverage the name of the folder structure:<\/p>\n<p style=\"padding-left: 30px\">$HomeDrive=&rsquo;Z:&rsquo;<\/p>\n<p style=\"padding-left: 30px\">$UserRoot=&rsquo;\\CONTOSO-FPSUsers$&rsquo;<\/p>\n<p style=\"padding-left: 30px\">$HomeDirectory=$UserRoot+$AccountName<\/p>\n<p style=\"padding-left: 30px\">SET-ADUSER $AccountName &ndash;HomeDrive $HomeDrive &ndash;HomeDirectory $HomeDirectory\nOur next task is to create that directory.\nRemember, all we have done is edit a field in Active Directory. The file system on the foreign server has no clue about the information presented within Active Directory. When you edit those fields in the GUI, the user folder and permissions are provisioned as a function of the code within that GUI interface&mdash;they are not a function of Active Directory.\nCreating a new folder on the file share simply requires that the account has the appropriate permissions. In the case of our <strong>Users$<\/strong> share on CONTOSO-FPS, we have established the following configuration for the file share:<\/p>\n<ul>\n<li>Domain Admins &ndash; Full control<\/li>\n<li>Domain Users &ndash; Change<\/li>\n<\/ul>\n<p>On the NTFS side, the following rights have been established for the root folder:<\/p>\n<ul>\n<li>Domain Admins- Full control<\/li>\n<li>Domain Users &ndash; &ldquo;Special&rdquo; &ndash; ReadOnly access on this folder only<\/li>\n<\/ul>\n<p>Although users need to be able to edit content in their private folders, they do not need to make changes at the root level.\nNow to create the private folder, we need only run a standard <strong>New-Item<\/strong> cmdlet as if we were creating a local folder. We already have a variable in the cmdlet that contains this information, so we can leverage it for the <strong>New-Item<\/strong> cmdlet:<\/p>\n<p style=\"padding-left: 30px\">NEW-ITEM &ndash;path $HomeDirectory -type directory -force\nNow that the home drive has been created for the user, we need to establish proper NTFS permissions to allow the user to navigate and create content within this structure. In our scenario, we are going to also allow the Domain Admins group to navigate and change control on the folder.\n~Sean\nThank you, Sean, for a great post. Join us tomorrow for Part 2.\nI invite you to follow me on <a href=\"http:\/\/bit.ly\/scriptingguystwitter\" target=\"_blank\">Twitter<\/a> and <a href=\"http:\/\/bit.ly\/scriptingguysfacebook\" target=\"_blank\">Facebook<\/a>. If you have any questions, send email to me at <a href=\"http:\/\/blogs.technet.commailto:scripter@microsoft.com\" target=\"_blank\">scripter@microsoft.com<\/a>, or post your questions on the <a href=\"http:\/\/bit.ly\/scriptingforum\" target=\"_blank\">Official Scripting Guys Forum<\/a>. See you tomorrow. Until then, peace.\n<strong>Ed Wilson, Microsoft Scripting Guy<\/strong><span style=\"font-size: 12px\">&nbsp;<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Summary: Microsoft PowerShell MVP and Honorary Scripting Guy, Sean Kearney, begins a discussion about home drives and Windows PowerShell. Microsoft Scripting Guy, Ed Wilson, is here. If you are a seasoned Hey, Scripting Guy! Blog reader, you know that the most frequent guest blogger is Sean Kearney. If you are new to the blog, I [&hellip;]<\/p>\n","protected":false},"author":596,"featured_media":87096,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[16,56,3,154,45],"class_list":["post-3493","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-scripting","tag-desktop-management","tag-guest-blogger","tag-scripting-guy","tag-sean-kearney","tag-windows-powershell"],"acf":[],"blog_post_summary":"<p>Summary: Microsoft PowerShell MVP and Honorary Scripting Guy, Sean Kearney, begins a discussion about home drives and Windows PowerShell. Microsoft Scripting Guy, Ed Wilson, is here. If you are a seasoned Hey, Scripting Guy! Blog reader, you know that the most frequent guest blogger is Sean Kearney. If you are new to the blog, I [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts\/3493","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/users\/596"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/comments?post=3493"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts\/3493\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/media\/87096"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/media?parent=3493"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/categories?post=3493"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/tags?post=3493"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}