Here is a Powershell script that can be used to have a user's Homedirectory change and move from one school location to another.
NOTES
Add this code as a Powershell Script Module. Then add it to your Policy as a "Script Execution Policy".
The "Parameters" tab will have two "Parameter values"
Add your Server name to the "Target Server"
Add your Shared folder name to the "Target Share"
The user's home folder will rename from what it is and then recreate itself on the new server when the user is moved using Active Roles.
SCRIPT
#*********************************************************************************
# THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
# EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
#
# IF YOU WANT THIS FUNCTIONALITY TO BE CONDITIONALLY SUPPORTED,
# PLEASE CONTACT ONE IDENTITY PROFESSIONAL SERVICES.
#*********************************************************************************
function onInit($context)
{
$par1 = $Context.AddParameter("Target Server")
$par1.MultiValued = $False
$par1.Description = "LDAP Server"
$par2 = $Context.AddParameter("Target Share")
$par2.MultiValued = $False
$par2.Description = "Server Share"
$par2.Defaultvalue = "st_home$"
}
function onPreMove($Request)
{
$strOLDHomeDir = $DirObj.Get("homeDirectory")
Rename-Item "$strOLDHomeDir" "$strOLDHomeDir _MOVED"
}
function onPostMove($Request)
{
$strServer = [string]$PolicyEntry.Parameter("Target Server")
$strShare = [string]$PolicyEntry.Parameter("Target Share")
$strSamName = $DirObj.Get("samAccountName")
$folder = "\\$strServer\$strShare\$strSamName"
New-Item -ItemType Directory -Path "$folder"
New-Item -ItemType Directory -Path "$folder\Documents"
New-Item -ItemType Directory -Path "$folder\Favorites"
$permissions = Get-Acl $folder
$userpermissions = New-Object System.Security.AccessControl.FileSystemAccessRule($strSamName,“FullControl”, “ContainerInherit, ObjectInherit”, “None”, “Allow”)
$permissions.AddAccessRule($userpermissions)
Set-Acl $folder $permissions
Set-QADUser -identity "$strSamName" -homeDrive h: -homeDir "$folder"
}
#***** END OF CODE ***************************************************************