usage of %USERNAME% to create Home folders

Archived from groups: microsoft.public.win2000.active_directory (More info?)

HEllo,

Havea quick question. I am using the %USERNAME% to create home folders for
the users. Issue I am having is that if I perform this action from a
workstation in the domain using the USER AND COMPUTER adminpak tools...the
home folder is not created with the usual permissions. When I do this from
the DC as the domain admin...the home folder gets created as required...with
the user as the owner and with administrators and the user with full
control. THe newly created folder also does not inhetit from it's parent
(also what I want it to do). When this same function is done from a
workstation and using the RUN AS and utilizing the domain admin...the folder
is created...but the administrator is the owner and the permissions are
inherited from the parent.

I'm sure this has been asked before...just couldn't find an answer anywhere.

Thanks.

Dan
5 answers Last reply
More about usage username create home folders
  1. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    Are you doing this from XP or W2K pro.
    If XP, have you tried from W2K pro? vice versa?


    --
    Glenn L
    CCNA, MCSE 2000/2003 + Security

    "Deaker00@hotmail.com" <deaker00@hotmail.com> wrote in message
    news:OIc79BcHFHA.4060@TK2MSFTNGP14.phx.gbl...
    > HEllo,
    >
    > Havea quick question. I am using the %USERNAME% to create home folders for
    > the users. Issue I am having is that if I perform this action from a
    > workstation in the domain using the USER AND COMPUTER adminpak tools...the
    > home folder is not created with the usual permissions. When I do this from
    > the DC as the domain admin...the home folder gets created as
    > required...with
    > the user as the owner and with administrators and the user with full
    > control. THe newly created folder also does not inhetit from it's parent
    > (also what I want it to do). When this same function is done from a
    > workstation and using the RUN AS and utilizing the domain admin...the
    > folder
    > is created...but the administrator is the owner and the permissions are
    > inherited from the parent.
    >
    > I'm sure this has been asked before...just couldn't find an answer
    > anywhere.
    >
    > Thanks.
    >
    > Dan
    >
    >
  2. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    I Have only tried it from XP as that is our workstation of choice ...

    Dan

    "Glenn L" <the.only(delete)@gmail dot com> wrote in message
    news:e5oeVWfHFHA.3484@TK2MSFTNGP12.phx.gbl...
    > Are you doing this from XP or W2K pro.
    > If XP, have you tried from W2K pro? vice versa?
    >
    >
    > --
    > Glenn L
    > CCNA, MCSE 2000/2003 + Security
    >
    > "Deaker00@hotmail.com" <deaker00@hotmail.com> wrote in message
    > news:OIc79BcHFHA.4060@TK2MSFTNGP14.phx.gbl...
    >> HEllo,
    >>
    >> Havea quick question. I am using the %USERNAME% to create home folders
    >> for
    >> the users. Issue I am having is that if I perform this action from a
    >> workstation in the domain using the USER AND COMPUTER adminpak
    >> tools...the
    >> home folder is not created with the usual permissions. When I do this
    >> from
    >> the DC as the domain admin...the home folder gets created as
    >> required...with
    >> the user as the owner and with administrators and the user with full
    >> control. THe newly created folder also does not inhetit from it's parent
    >> (also what I want it to do). When this same function is done from a
    >> workstation and using the RUN AS and utilizing the domain admin...the
    >> folder
    >> is created...but the administrator is the owner and the permissions are
    >> inherited from the parent.
    >>
    >> I'm sure this has been asked before...just couldn't find an answer
    >> anywhere.
    >>
    >> Thanks.
    >>
    >> Dan
    >>
    >>
    >
    >
  3. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    "DEAKER00" wrote:
    > I Have only tried it from XP as that is our workstation of
    > choice ...
    >
    > Dan
    >
    > "Glenn L" <the.only(delete)@gmail dot com> wrote in message
    > news:e5oeVWfHFHA.3484@TK2MSFTNGP12.phx.gbl...
    > > Are you doing this from XP or W2K pro.
    > > If XP, have you tried from W2K pro? vice versa?
    > >
    > >
    > > --
    > > Glenn L
    > > CCNA, MCSE 2000/2003 + Security
    > >
    > > "Deaker00@hotmail.com" <deaker00@hotmail.com> wrote in message
    > > news:OIc79BcHFHA.4060@TK2MSFTNGP14.phx.gbl...
    >  >> HEllo,
    >  >>
    >  >> Havea quick question. I am using the %USERNAME% to
    > create home folders
    >  >> for
    >  >> the users. Issue I am having is that if I perform
    > this action from a
    >  >> workstation in the domain using the USER AND COMPUTER
    > adminpak
    >  >> tools...the
    >  >> home folder is not created with the usual
    > permissions. When I do this
    >  >> from
    >  >> the DC as the domain admin...the home folder gets
    > created as
    >  >> required...with
    >  >> the user as the owner and with administrators and the
    > user with full
    >  >> control. THe newly created folder also does not
    > inhetit from it's parent
    >  >> (also what I want it to do). When this same function
    > is done from a
    >  >> workstation and using the RUN AS and utilizing the
    > domain admin...the
    >  >> folder
    >  >> is created...but the administrator is the owner and
    > the permissions are
    >  >> inherited from the parent.
    >  >>
    >  >> I'm sure this has been asked before...just couldn't
    > find an answer
    >  >> anywhere.
    >  >>
    >  >> Thanks.
    >  >>
    >  >> Dan
    >  >>
    >  >>
    > >
    > >

    Hi,

    You must have a Windows 2000 Server. With Windows 2003 and with
    Windows XP, Microsoft has changed the way it creates the users home
    folders. Yep, it blew me away too. So much for "added" security.
    Basically with Windows 2003 Server when you create a users home folder
    inside Active Directory using the %username%, it creates the folder
    with the Inherited permissions. Therefore you must set the Users at
    the Root Folder as read "This folder only" to make sure they aren’t
    inherited.

    Cheers,

    Lara

    --
    Posted using the http://www.windowsforumz.com interface, at author's request
    Articles individually checked for conformance to usenet standards
    Topic URL: http://www.windowsforumz.com/Active-Directory-usage-USERNAME-create-Home-folders-ftopict271371.html
    Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=857377
  4. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    OK...SO I have tested it...and it is as you say. If I use the Admin tools on
    a Windows 2000 workstation as the domain admin...it creates the user folder
    as required. If I do the exact same thing on an XP Pro workstation....the
    permissions get inherited and the owner is the administrator. This is
    WHACKED!!!!

    Is there any way around this? I need the user folders created as they are in
    Windows 2000 with the user as the owner of the folder and the permissions
    set as the Administartors groups and user with full control...NOT
    inheriting.

    Dan
    "lforbes" <UseLinkToEmail@WindowsForumz.com> wrote in message
    news:4224cabb$1_5@alt.athenanews.com...
    > "DEAKER00" wrote:
    > > I Have only tried it from XP as that is our workstation of
    > > choice ...
    > >
    > > Dan
    > >
    > > "Glenn L" <the.only(delete)@gmail dot com> wrote in message
    > > news:e5oeVWfHFHA.3484@TK2MSFTNGP12.phx.gbl...
    > > > Are you doing this from XP or W2K pro.
    > > > If XP, have you tried from W2K pro? vice versa?
    > > >
    > > >
    > > > --
    > > > Glenn L
    > > > CCNA, MCSE 2000/2003 + Security
    > > >
    > > > "Deaker00@hotmail.com" <deaker00@hotmail.com> wrote in message
    > > > news:OIc79BcHFHA.4060@TK2MSFTNGP14.phx.gbl...
    > >  >> HEllo,
    > >  >>
    > >  >> Havea quick question. I am using the %USERNAME% to
    > > create home folders
    > >  >> for
    > >  >> the users. Issue I am having is that if I perform
    > > this action from a
    > >  >> workstation in the domain using the USER AND COMPUTER
    > > adminpak
    > >  >> tools...the
    > >  >> home folder is not created with the usual
    > > permissions. When I do this
    > >  >> from
    > >  >> the DC as the domain admin...the home folder gets
    > > created as
    > >  >> required...with
    > >  >> the user as the owner and with administrators and the
    > > user with full
    > >  >> control. THe newly created folder also does not
    > > inhetit from it's parent
    > >  >> (also what I want it to do). When this same function
    > > is done from a
    > >  >> workstation and using the RUN AS and utilizing the
    > > domain admin...the
    > >  >> folder
    > >  >> is created...but the administrator is the owner and
    > > the permissions are
    > >  >> inherited from the parent.
    > >  >>
    > >  >> I'm sure this has been asked before...just couldn't
    > > find an answer
    > >  >> anywhere.
    > >  >>
    > >  >> Thanks.
    > >  >>
    > >  >> Dan
    > >  >>
    > >  >>
    > > >
    > > >
    >
    > Hi,
    >
    > You must have a Windows 2000 Server. With Windows 2003 and with
    > Windows XP, Microsoft has changed the way it creates the users home
    > folders. Yep, it blew me away too. So much for "added" security.
    > Basically with Windows 2003 Server when you create a users home folder
    > inside Active Directory using the %username%, it creates the folder
    > with the Inherited permissions. Therefore you must set the Users at
    > the Root Folder as read "This folder only" to make sure they aren't
    > inherited.
    >
    > Cheers,
    >
    > Lara
    >
    > --
    > Posted using the http://www.windowsforumz.com interface, at author's
    request
    > Articles individually checked for conformance to usenet standards
    > Topic URL:
    http://www.windowsforumz.com/Active-Directory-usage-USERNAME-create-Home-folders-ftopict271371.html
    > Visit Topic URL to contact author (reg. req'd). Report abuse:
    http://www.windowsforumz.com/eform.php?p=857377
  5. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    "deaker00" wrote:
    > OK...SO I have tested it...and it is as you say. If I use the
    > Admin tools on
    > a Windows 2000 workstation as the domain admin...it creates
    > the user folder
    > as required. If I do the exact same thing on an XP Pro
    > workstation....the
    > permissions get inherited and the owner is the administrator.
    > This is
    > WHACKED!!!!
    >
    > Is there any way around this? I need the user folders created
    > as they are in
    > Windows 2000 with the user as the owner of the folder and the
    > permissions
    > set as the Administartors groups and user with full
    > control...NOT
    > inheriting.
    >
    > Dan
    > "lforbes" <UseLinkToEmail@WindowsForumz.com> wrote in message
    > news:4224cabb$1_5@alt.athenanews.com...
    > > "DEAKER00" wrote:
    >  > > I Have only tried it from XP as that is our
    > workstation of
    >  > > choice ...
    >  > >
    >  > > Dan
    >  > >
    >  > > "Glenn L" <the.only(delete)@gmail dot com>
    > wrote in message
    >  > > news:e5oeVWfHFHA.3484@TK2MSFTNGP12.phx.gbl...
    >   > > > Are you doing this from XP or W2K pro.
    >   > > > If XP, have you tried from W2K pro? vice
    > versa?
    >   > > >
    >   > > >
    >   > > > --
    >   > > > Glenn L
    >   > > > CCNA, MCSE 2000/2003 + Security
    >   > > >
    >   > > > "Deaker00@hotmail.com"
    > <deaker00@hotmail.com> wrote in message
    >   > > >
    > news:OIc79BcHFHA.4060@TK2MSFTNGP14.phx.gbl...
    >  > >  >> HEllo,
    >  > >  >>
    >  > >  >> Havea quick question. I am using the
    > %USERNAME% to
    >  > > create home folders
    >  > >  >> for
    >  > >  >> the users. Issue I am having is that
    > if I perform
    >  > > this action from a
    >  > >  >> workstation in the domain using the
    > USER AND COMPUTER
    >  > > adminpak
    >  > >  >> tools...the
    >  > >  >> home folder is not created with the
    > usual
    >  > > permissions. When I do this
    >  > >  >> from
    >  > >  >> the DC as the domain admin...the
    > home folder gets
    >  > > created as
    >  > >  >> required...with
    >  > >  >> the user as the owner and with
    > administrators and the
    >  > > user with full
    >  > >  >> control. THe newly created folder
    > also does not
    >  > > inhetit from it's parent
    >  > >  >> (also what I want it to do). When
    > this same function
    >  > > is done from a
    >  > >  >> workstation and using the RUN AS and
    > utilizing the
    >  > > domain admin...the
    >  > >  >> folder
    >  > >  >> is created...but the administrator
    > is the owner and
    >  > > the permissions are
    >  > >  >> inherited from the parent.
    >  > >  >>
    >  > >  >> I'm sure this has been asked
    > before...just couldn't
    >  > > find an answer
    >  > >  >> anywhere.
    >  > >  >>
    >  > >  >> Thanks.
    >  > >  >>
    >  > >  >> Dan
    >  > >  >>
    >  > >  >>
    >   > > >
    >   > > >
    > >
    > > Hi,
    > >
    > > You must have a Windows 2000 Server. With Windows 2003 and
    > with
    > > Windows XP, Microsoft has changed the way it creates the
    > users home
    > > folders. Yep, it blew me away too. So much for "added"
    > security.
    > > Basically with Windows 2003 Server when you create a users
    > home folder
    > > inside Active Directory using the %username%, it creates the
    > folder
    > > with the Inherited permissions. Therefore you must set the
    > Users at
    > > the Root Folder as read "This folder only" to make sure they
    > aren't
    > > inherited.
    > >
    > > Cheers,
    > >
    > > Lara
    > >
    > > --
    > > Posted using the http://www.windowsforumz.com interface, at author's
    > request
    > > Articles individually checked for conformance to usenet
    > standards
    > > Topic URL:
    > http://www.windowsforumz.com/Active-Directory-usage-USERNAME-create-Home-folders-ftopict271371.html
    > > Visit Topic URL to contact author (reg. req'd). Report
    > abuse:
    > http://www.windowsforumz.com/eform.php?p=857377

    Hi,

    I couldn’t find a way around it. With Windows 2003 server, it does
    make the user the owner of the folder and Full-control on the folder,
    but it does inherit now. I think they changed the way folder creation
    was scripted.

    Cheers,

    Lara
Ask a new question

Read More

Domain Active Directory Windows