Here is a task that most Network Administrators will face at one time or another, moving User Home Directories from one Server to another. We are in the process of organising new Servers for 2009 and these will be Windows Server 2008 and the current Servers are running on Windows 2003 Server Standard Edition. Now currently our Home Folders are individually shared as hidden shares, and I want to move to a convention of a parent shared User Folder with individual folders for each user in there that are not shared.
Now I wanted to explore the PowerShell option to copy from the source server to the destinsation server and keep the NTFS Permissions intact after the copy, as I have previosuly used PowerShell to do a bulk import of users into Active Directory and that woked a treat. I was a bit dissapointed with the PowerShell options using GET-ACL and SET-ACL because I could do individual folders one at a time but that would take forever, and I couldn’t see an easy way to iterate through them….
Enter ROBOCOPY……
Now with ROBOCOPY I can copy all the User Directories that already have the correct NTFS File Permissions set, to the New Windows 2008 Server and keep these permissions in tact. Below is the RoboCopy string that I used.
robocopy.exe \\source_server\share\ C:\Users /E /SEC /COPYALL /V /ETA /TEE /ITEM
Now the thing to consider here is the Share Permissions and the File Permissions of the Parent Folder eg. Users. The Share Permissions that I set were as follows, Domain Admins – Full Control, Staff – Full Control, Students – Read Only. The NTFS (File Permissions) were as follows, Domain Admins, Ent Admins and Staff – Full Control. This will mean that all the new User Accounts that we create after the copy process will inherit these permissions also and Active Directory will assign the user permissions automatically once the Home Directory Path is set in the Profile Tab of the User Account Object.
Eventhough Students have Read Access to the parent share the can’t access it and get the “Access Denied” Message is they try. Meaning that they can’t get into anyone elses Home Directories. The next step was to change the Home Directory path in their Account Profile and Bingo all done.
Hope this helps a few of you out when it comes time to Migrate User Home Directories from one server to another.
Make Sure you SUBSCRIBE to the RSS Feed to keep updated. ALSO I know have a “The Network Administrators Newsletter” so pop your Email Address in the box on the right and get some more great tips, tricks and how – to’s.
↧
How To Migrate User Home Directories with RoboCopy
↧
