Automate provisioning of Home Directories on a QNAP TS-879U-RP NAS using Powershell

The next task I needed to achieve on this project was to automate the provisioning of home directories on the QNAP NAS.  (For the original post see here)

To achieve this,  I had it in mind that the script would read in members of the ‘NAS Users’ group (as per my previous posts on this project) and create the home directories if they were not already there as well as set the appropriate NTFS permissions on the directory to ensure that the logged-on user was able to access the directory.

I also wanted error checking in the script, and a logging option.  On top of this, I timed how long it took to complete the same task manually on a per user basis and added a ‘Time Saved’ log.  This way you can easily see how much total time has been saved by the use of this script over a manual creation method – could be useful for negotiating at work !

I thought I would then add the script to a scheduled task on one of our servers and set it to run every day at 7:00am.

1 – Create an Active Directory account for the Powershell Script to run.

I had intended the  powershell script to run as a ‘script’ in a scheduled task.  I wanted the script to run under an account especially for this task and so in Active Directory I created a user account called: NAS (You may wish to choose a more meaningful name as this is an account name selected just for this blog example!)

2 – Prepare the NAS for the script Logging and home directory creation

I planned on my script having a switch that would enable logging.  If this was turned on, I wanted the logs stored on the NAS under a share called: NASLogs.

On the NAS interface under Control Panel -> Privilege Settings ->Shared Folders I had already created a share called ‘NASLogs’  I then clicked on the ‘Access Permissions’ button:

NASLog Share

I then clicked the ‘Add’ button, selected ‘Domain Users’ from the pull-down list at the top and browsed for my ‘NAS’ AD user.  I then gave this user Read/Write permissions to the share:


Now when the scheduled task runs the powershell script under the ‘NAS’ AD account it will be able to write to the log files.

I then repeated this for the ‘NASHome’ share that was already created earlier as this is where all of the home directories will be created.  This way, my ‘NAS” AD account will have the appropriate permissions required to be able to create the directories as the script runs.

3. The powershell script

You can download the script here.  I’m no powershell guru and I’m sure the script can be enhanced and improved in a thousand ways.  Feel free to modify it as you see fit.  As it stands right now though, it works and that’s all that matters to me.

4.  Preparing for the scheduled task

I copied the script to one of our servers and then prepared the “NAS” user account on that server by allowing it ‘Log On As Batch Job’ permissions as otherwise the script will not run successfully.  To do that, on the server that will be running the scheduled task, I opened the local security policy.  See screenshot below on where to find this:


…And then I added the ‘NAS’ user to the ‘Log on as batch job’ which you can find under the ‘User Rights Assignment’ node:


Now everything is in place to create the scheduled task.

5.  Create the scheduled task

I started to create a new scheduled task, ensuring that the task was set to run using my ‘NAS’ account created earlier and that the task runs whether user is logged on or not:


For the task trigger, I chose to run every day at 7:00am however you can change this to meet your needs.

Now the important part.  I am running this as a ‘script’ and not a module.  Therefore, in my script, I call the function with the function parameters I was interested in.  In my case I wanted the logging turned on.  You could have run this as a module as an alternative method.  With that in mind, my action is: Start a program, The program \ script is: powershell.exe and the arguments are: -command &{c:\Path\To\Script\scriptname.ps1}

task action

And that is all there is to it!


Be the first to comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.