Application to manage File Shares, Login Scripts and AD Groups

---

• From: jc <wildman@xxxxxxxxxxxx>
• Date: Fri, 6 Jun 2008 06:12:51 -0700 (PDT)

---

Like many Microsoft shops we have evolved into one giant mess of Login
Scripts, AD groups and File shares. The provisioning process for new
users is a crazy mess of copying scripts around creating very similar
shares and AD groups. Because the huge number of users, the operation
becomes a full time job for Administrators who really should be doing
real work instead of user provisioning and maintenance, but because of
the security required and the potential for a disaster we've never
rolled it down to the help desk.

All That said, as a developer, I see a huge potential for a design
that could address this very important need. An application that would
group staff into functional roles, and assign base properties to those
roles for File shares and AD security. And with those base roles,
dynamically generate login scripts on the fly. A world where physical
login scripts would not exist and everything would live inside a
database, wrapped in business rules and roles that would be managed by
an application with built in controls, and logging and quick rollback
feature.

Is the above a crazy idea? Maybe it already exists and we re-
inventing the wheel?

It's been my previous experience that coding such systems with very
general and wide spread value (not just for the organization wanting
it) is rarely a smart idea in that you end up create a layer on top of
an established set of tools (Microsoft) that constantly has to be
maintained. In addition, it can create a group of users who now have a
valid reason to not understand the real tools.

Thoughts ? Suggestions? Alternatives?
.

---

• Follow-Ups:
  • Re: Application to manage File Shares, Login Scripts and AD Groups
    • From: Paul Bergson [MVP-DS]

• Prev by Date: Re: Change password for users with blank password: Error
• Next by Date: Re: Account control
• Previous by thread: Terminal Services and User Profiles Question
• Next by thread: Re: Application to manage File Shares, Login Scripts and AD Groups
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Multiple Questions ... adding to the local administrators group is giving ... Login scripts - I've a bunch of various apps I need installed on ... Assigning to a user will install the app upon logon. ... (microsoft.public.win2000.active_directory) Re: Multiple Questions ... adding to the local administrators group is giving ... Login scripts - I've a bunch of various apps I need installed on ... Assigning to a user will install the app upon logon. ... (microsoft.public.win2000.general) Re: Multiple Questions ... adding to the local administrators group is giving ... Login scripts - I've a bunch of various apps I need installed on ... Assigning to a user will install the app upon logon. ... (microsoft.public.win2000.group_policy) Re: Multiple Questions ... adding to the local administrators group is giving ... Login scripts - I've a bunch of various apps I need installed on ... Assigning to a user will install the app upon logon. ... (microsoft.public.win2000.advanced_server) Re: Multiple Questions ... I want the testuser user to be local Administrator of the testlaptops ... Login scripts - I've a bunch of various apps I need installed on ... Assigning to a user will install the app upon logon. ... (microsoft.public.win2000.active_directory)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)