Quick Script to Modify user home directory permissions

Home Drive Permissions

common user home folder location from dsa.msc

Migrating user home drives can be a pain if permissions are not copied over at the same time. Permissions can also get messed up for other reasons like improper data restore or an admin clicking the wrong button.

Provided your home folder share is configured as \\server\share\%username% then this quick script can add the user with Full Control rights to their folder.

$usersfolder = "\\server\share\"

foreach ($folder in (gci $usersfolder)) {
    Write-Host $folder.FullName -ForegroundColor Yellow
    $Acl = Get-Acl $folder.FullName
    $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("DOMAIN\$($folder.name)", "FullControl","ContainerInherit,ObjectInherit","None","Allow")
    $Acl.SetAccessRule($AccessRule)
    Set-Acl -Path $folder.FullName -AclObject $Acl
}

This will iterate through the folders and add DOMAIN\username (provided the folder is named the same as the user’s samaccountname) with Full Control.

Written with StackEdit.