• State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 62 subscribers
  • Views 10298 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Use ARS and/or powershell to create groups - nested & add members automatically?

virtuallynothere
over 12 years ago

We use the lousy nested structure for shared folder ntfs permissions where a domain local group contains a universal which contains a global and the global has the users.  I want to find a way to create the 3 groups required when a new folder is setup, then add users to the global group.

Also, does anyone have any good references on the latest best practices for share permissions? I know when/why dl groups are used, but why use the nesting scheme for every file share on 20+ file servers?

Parents
  • 0 over 11 years ago

    Hi,

    here is a PoSh script sample to create group structure:

    $users = "John Smith", "Sarah Connor"

    $group = "My Group"

    $ou = "My OU"

    Connect-QADService -proxy

    $groupG = New-QADGroup ($group+" G") -ParentContainer $ou -GroupType Security -GroupScope Global

    $groupU = New-QADGroup ($group+"U") -ParentContainer $ou -GroupType Security -GroupScope Universal

    $groupDL = New-QADGroup ($group+" DL") -ParentContainer $ou -GroupType Security -GroupScope DomainLocal

    Add-QADGroupMember $groupG $users

    Add-QADGroupMember $groupU $groupG

    Add-QADGroupMember $groupDL $groupU

Reply
  • 0 over 11 years ago

    Hi,

    here is a PoSh script sample to create group structure:

    $users = "John Smith", "Sarah Connor"

    $group = "My Group"

    $ou = "My OU"

    Connect-QADService -proxy

    $groupG = New-QADGroup ($group+" G") -ParentContainer $ou -GroupType Security -GroupScope Global

    $groupU = New-QADGroup ($group+"U") -ParentContainer $ou -GroupType Security -GroupScope Universal

    $groupDL = New-QADGroup ($group+" DL") -ParentContainer $ou -GroupType Security -GroupScope DomainLocal

    Add-QADGroupMember $groupG $users

    Add-QADGroupMember $groupU $groupG

    Add-QADGroupMember $groupDL $groupU

Children
No Data