' User Accounts 'If you've ever found yourself trying to change the HomeDirectory, ProfilePath, logonscript path or the homeDrive of 'about 100 users at once by hand, you know that the experience is not something you ever look forward to repeating 'Now, I know you will never even have attempted the exercise manually if your user base is anywhere above 100 'Some of us will have the luxury of using a 3rd-part application like DameWare or Hyena 'Well, for the little poor guys like me out there, here's a "VERY CHEAP" AND FAST alternative. 'Enjoy 'Deji Akomolafe - 07-21-04 Const ADS_SCOPE_SUBTREE = 2 Const ADS_PROPERTY_CLEAR = 1 Const FILE_PATH = "D:\MyScripts\AD-Garbage-cleanup\" Set FSO=CreateObject("Scripting.FileSystemObject") Set WshShell = Wscript.CreateObject("Wscript.Shell") Set FSOWriteReport=FSO.OpenTextFile(FILE_PATH & "MapDrive_.XLS", 8, True) FSOWriteReport.WriteLine "User Name" & vbTab & "Home Drive Path" & vbTab & "AD Path" Set objShell = CreateObject("Wscript.Shell") Set objConnection = CreateObject("ADODB.Connection") Set objCommand = CreateObject("ADODB.Command") objConnection.Provider = "ADsDSOObject" objConnection.Open "Active Directory Provider" Set objCOmmand.ActiveConnection = objConnection objCommand.CommandText = _ "Select sAMAccountName,distinguishedName,homeDirectory from 'GC://myGC/DC=myChild,DC=myRoot,DC=com' " _ & "where objectClass='User'" objCommand.Properties("Page Size") = 1000 objCommand.Properties("Timeout") = 30 objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE objCommand.Properties("Cache Results") = False Set objRecordSet = objCommand.Execute objRecordSet.MoveFirst Do Until objRecordSet.EOF objUserName = objRecordSet.Fields("sAMAccountName").Value objUserDN = objRecordSet.Fields("distinguishedName").Value Wscript.Echo objUserDN & vbTab & objUserName 'Let's say there is a SPECIFC OU we don't want to touch (e.g. the Executives OU) If instr(UCASE(objUserDN),"OU=EXECS") > 0 Then Else 'Just in case our search filter above doesn't work, let's make sure we are not working on a Computer Account If instr(objUserName, "$") > 0 Then Else 'Now, let's grab the user's LDAP attributes Set ObjPath = getObject("LDAP://" & objUserDN) 'This is what the user's Profile Path will be 'It will be a folder that matches the user's login name, located in the "HomeDirs" share on MyServer TargetFolder = "\\MyServer\HomeDirs\" & objUserName 'Let's write that out, to be sure we got it right wScript.Echo TargetFolder 'First find out if the Folder exists If FSO.FolderExists(TargetFolder) Then Wscript.Echo "Found the Folder" 'If not exist, then create it Else Set objFolder = FSO.CreateFolder(TargetFolder) Wscript.Echo Err.Number End IF 'Now we set Permissions on the Folder Call WshShell.Run("xcacls " & TargetFolder & "/G Administrators:F;F", HIDE_WINDOW, WAIT_ON_RETURN) Call WshShell.Run("xcacls " & TargetFolder & " /E /G myNetBIOSDomainName\" & objUserName & ":F;F", HIDE_WINDOW, WAIT_ON_RETURN) Call WshShell.Run("xcacls " & TargetFolder & " /E /R everyone", HIDE_WINDOW, WAIT_ON_RETURN) 'Now, set the L: drive to the TargetFolder path objPath.Put "homeDirectory", TargetFolder ''The HomeDrive Path objPath.Put "homeDrive", "L:" 'Map the HomeDir to L: drive ''''objPath.PutEx ADS_PROPERTY_CLEAR, "profilePath", 0 'Clear the ProfilePath so they use Local Profile ''''objPath.Put "profilePath", "" 'In Case we want to do Centralized Roaming Profile 'Commit the changes. REALLY! objPath.SetInfo 'Do It Now 'End If 'We are just going to write this to our log file for historical/change control purposes objUserHD = objRecordSet.Fields("homeDirectory").Value FSOWriteReport.WriteLine objUserName & vbTab & objUserHD & vbTab & objUserDN End If End If 'End the test loop for account verification 'Go to the next user objRecordSet.MoveNext Loop Set FSOWriteReport = Nothing Set objScriptExec = Nothing set FSO=Nothing Set objRecordSet = Nothing Set objCOmmand.ActiveConnection = Nothing Set objCommand = Nothing Set objConnection = Nothing Set WshShell = Nothing