Hi,

We are using IDM 4.0.2. we have a AD driver for user provisioning. We
have a requirement to set home directory and set permission when ever a
new user is created in AD. This we could do it via scripting service
driver by calling a powershell.

But we wanted to do this without the scripting service driver. Please
let know how this can be implemented only with AD driver.

ref: below is the powershell script we used via scripting service
driver

================================================== ========

param($UserID)

$Share = "C:\Software\drives\"
$FuldSti = $Share + $UserID
$rule = New-Object
System.Security.AccessControl.FileSystemAccessRule ($UserID,"FullControl",
"ContainerInherit, ObjectInherit", "None", "Allow")
$actuser=[Environment]::UserName


start-transcript -path C:\Software\powers\logs\$UserID.log -noclobber
-append

import-module activedirectory
New-Item -path $Share -name $UserID -ItemType directory | Out-Null

$acl = Get-Acl $FuldSti
$acl.AddAccessRule($rule)
$acl.SetOwner([System.Security.Principal.NTAccount] $UserID)

Set-Acl $FuldSti $acl

# $acl | Format-List

Set-ADUser $UserID -HomeDirectory C:\Software\drives\$UserID -HomeDrive
P: -ScriptPath "LOGON.BAT"

Clear-Host

Stop-Transcript

================================================== ========

Thanks,
DK


--
dinatechmnovell
------------------------------------------------------------------------
dinatechmnovell's Profile: https://forums.netiq.com/member.php?userid=6777
View this thread: https://forums.netiq.com/showthread.php?t=51933