No announcement yet.

Home folder creation

  • Filter
  • Time
  • Show
Clear All
new posts

  • Home folder creation

    hi there,

    First post!

    Is it possible to have the service desk creating home folders in AD without making them creator/owner of the folder

    basically, i want them to be able to create a user from A to Z but i dont want them to be able to access there home folder

    I tried different thing but the service desk tech who creates the folder is always the owner, so he can take back any rights he wants

    thx for your inputs

  • #2
    Re: Home folder creation

    what OS ?
    yo ucould probably create a script that would use subinacl or xcacls or similar to forcibly change the owner..\
    Please do show your appreciation to those who assist you by leaving Rep Point


    • #3
      Re: Home folder creation

      If all your home folders are always in the same place, why not use a template user object to copy and create new users, where the template has the path "<fileserver>\<share>\home\%username%" (as an example), so that the folder is created by the user, when the user logs in the first time? The admin who creates the user account won't have ownership of the folder, since he didn't create it.

      As a further step, there is a GP setting with which you can assign a user exclusive access to their redirect folders. Maybe you can apply the same thing to the home folder? That way, even admins won't have access to anyone's home folder unless they take ownership (but that blocks a user if other steps aren't taken).
      MSCA (2003/XP), Security+, CCNA

      ** Remember: credit where credit is due, and reputation points as appropriate **