Adding an existing user in an OU to another OU in Windows Server 2008 R2

there 3 departments a, b , c ous, user groups, departmental shared folder and users. there urgent need create new departmental ou (lets call d) shared folder accessed group members only, other departments. the  shared folder was created using gpo, same way done other departments.

the users joing department d are 2 new users , 4 existing users in departments a, b , c. the new departmental ou (department d) and group created in active directory. when 2 new users created, access department d's shared folder when 4 existing users in departments a, b , c made members of department d, not access shared folder.

can pls help?

 

hi,

sorry delay, couldn't answer earlier.

when use gpo logon/startup scripts stored within gpo's guid folder under

\\domain.local\sysvol\domain.local\policies\ and search *.vbs files

another option use user's logon script. can use batch file or vbscript

for first case (batch file) can use that

@echo off

net use <driveletter>: /delete
net use <driveletter>: \\servername\sharename

and put logon script name within user's ad properties under "profile" tab

for vbscript can use

on error resume next

set objnetwork = createobject("wscript.network")

objnetwork.removenetworkdrive "<driveletter>:", true, true
objnetwork.mapnetworkdrive "<driveletter>:", "\\servername\sharename"

and also, put it in user's ad properties under "profile" tab or use logon script in gpo.

when want use 1 common logon script users, can realy on user's group membership. need use more steps

on error resume next

set objsysinfo = createobject("adsysteminfo")
set objnetwork = createobject("wscript.network")
set objuser = getobject("ldap://" & objsysinfo.username)

for each strgroup in objuser.memberof
    strgrouppath = "ldap://" & strgroup
    set objgroup = getobject(strgrouppath)
    strgroupname = objgroup.cn
 
 
    select case strgroupname
       
        case "<ad-group-name1>"
 objnetwork.removenetworkdrive "<driveletter>:", true, true
 objnetwork.mapnetworkdrive "<driveletter>:", "\\servername\sharename"

 case "<ad-group-name2>"
 objnetwork.removenetworkdrive "<driveletter>:", true, true
 objnetwork.mapnetworkdrive "<driveletter>:", "\\servername\sharename"

    end select

next

i hope somehow you. if have more questions, not hesitate ask

---

regards, krzysztof ---- visit blog @ http://kpytko.wordpress.com

Windows Server  >  Directory Services