Create Active Directory Users Home Folder and Assign Permissions with PowerShell

The following function is a work in progress, but I thought I would go ahead and share it.

This function requires a module named PowerShellAccessControl that was created by Rohn Edwards which is downloadable from the TechNet Script Repository. The version 3.0 beta revision of his module which is also downloadable on that same page is what was used to test the examples shown in this blog article.

The following example demonstrates creating  home folders and assigning permissions to those folders for all of the users in the Northwind organizational unit in my test Active Directory environment:


Now to see if the permissions are correct, once again using a function from Rohn’s module:


They look correct based on the previous information and verifying it against who each user’s manager is in Active Directory:


Did you notice the regular expression that I used in the previous example to extract the managers name from the distinguished name that is returned by default?

The cool thing is you can actually create an Active Directory user account, create their home directory, and assign the proper permissions all in one command when the PassThru parameter of Get-ADUser is used to pass the user information to my function:


And to validate the permissions on the users folder were set correctly:


If you enjoyed this blog article and you live within driving distance of Baton Rouge Louisiana, you should consider attending SQL Saturday #324 on August 2nd. There’s an all day PowerShell track and I’ll be presenting two of the PowerShell sessions in that track. Rohn Edwards will also be presenting a session, his is on PowerShell and Access Control.



  1. Akshay

    Dear Mike,

    I’ve a query on how to assign AD level permission to a AD user using Powershell.

    For ex:

    Give AD user “Create Computer Objects”

    Thanks in advance for your help.

  2. Alaoui Ismaili

    Hello ,

    Thanks for you given this script , i have one question about the users folders , how can i modify the script to take each users only owner of folders .

    thanks in advance .

    Best regards


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: