Views:

Applies To:

GroupID 10.x - Synchronize

Business Scenario:

When a user is created in Active Directory, we assign them a home folder by populating their homeDirectory attribute:

\\<MachineName>\<FolderName>\%username%

This creates a home folder for the user named after their samAccountName.

Now that we are using GroupID Synchronize to automatically provision users in Active Directory, how can we automatically assign home folders to them?

More Information:

A home folder is a private network location where users can store personal files. It is stored in a shared folder on a network server. Users can access their home folders from any computer on the network.

Steps:

Follow the steps below to automatically assign a home folder to a user at the time of creation. You can either create a new Synchronize job or modify an existing one.

  1. In GroupID Management Console, select Synchronize > All Jobs. Either create a new job or double-click an existing job to edit it.

  2. Go through the pages of the wizard until you reach the Select Fields page.

  3. Move the homeDirectory and homeDrive fields to the Selected Fields box and click Next.

  4. On the Field Map(s) page, click the Transform button in the homeDirectory attribute row.

  5. On the Transform dialog box, select Script - write a Visual Basic .NET script to assign a value programmatically from the Set the destination field to drop-down list and then click Edit Script to open the Script Editor.

  6. In the Script Editor, copy and paste the following script after customizing it. Test the script and click OK.

    'Use the Format \\<MachineName>\<FolderName>
    DTM.Result = ("\\BOX-DC\Mydriv$" & DTM.Source("First") & "." & DTM.Source("Last"))

  7. On the Field Map(s) page, click the Transform button in the homeDrive attribute row.

  8. On the Transform dialog box, select Static – assign a static value from the Set the destination field to drop-down list. Provide the drive letter and click OK to close the dialog box.

  9. On the Field Map(s) page, click Edit Global Script.

  10. In Global Script Editor, click Tools>Add/Remove Reference. On the Add Reference dialog box, click Browse.

  11. Go to x:\ProgramFiles\Imanami\GroupID8.x\Synchronize\Power Tools and select Imanami.Synchronize.ActiveDirectoryTool.dll. Click Open and then OK.

  12. Add the following library cmdlet at the start of the Global Script Editor:

    ImportsSystem.Security.AccessControl

  13. Now locate the DTM_RowAdded event and paste the following script:

    Dim domainName As String = "ca.com" 'YOUR DOMAIN NAME OR NETBIOS HERE' Dim fileServer As String = "\\Box-DC\MyDrive$\{0}" ' Path for the File Server or Shared Folder for Personal Drives Here If Len(fileServer) > 0 Then Dim personalFolder As String personalFolder = String.Format(fileServer, args.StagingDestination("SamAccountName")) Try ' Creating personal folder of the user ActiveDirectoryTool.ConfigureFromDestination() ActiveDirectoryTool.CreateHomeDirectory(domainName & "\" & args.StagingDestination("SamAccountName"), personalFolder) Catch Ex As Exception 'msgbox("Error: " & Ex.Message) End Try 'Set the permissions for the particular user on the given folder. Try 'Adds the modify permissions for the user on its own folder ActiveDirectoryTool.SetPermission("\\BOX-DC\MyDrive$\","box.com" & "\" & args.StagingDestination("SamAccountName") ,FileSystemRights.Modify ,AccessControlModification.Add) 'Adds the FullControl permissions for the Administrators group on users folder  'ActiveDirectoryTool.SetPermission(personalFolder, "Administrators ",FileSystemRights.FullControl ,AccessControlModification.Add) 'Adds the FullControl permissions for the Domain Admins group on users folder  'ActiveDirectoryTool.SetPermission(personalFolder, domainName & "\" & "Domain Admins",FileSystemRights.FullControl ,AccessControlModification.Add) Catch End Try End If

  14. Click Build>Compile Script. On successful compilation, close the editor.

  15. Go through the remaining pages of the New Job/Edit Job wizard and click Finish to create the job.

  16. Run the job.

  17. On successful run, the attributes will be populated and users will be able to see their home drives mapped.

Reference:

GroupID Online Help: Synchronize

Keywords: users, home folder, homeDirectory attribute, network location, automatically
Comments (0)