Windows 7 Changing the user space to an other partition

[dreuzel]

I've writen some scripts to change the C:\user to an other partition.
all seems to work but I can not change the security on the SYMBLINK and Junctions (not the directories)
assuming all in c:\users\%USERNAME% is machine independent ...
All data will be recreated at first login anyhow

x:\users\%username% can be used from a remote machine (workgroup roaming)
it can be placed on any other partition

C:\Users\All Users
C:\Users\Default
C:\Users \Default User

are simply redirected to thier original position using MKLINK


Procedure execute after Win7 install ( only one user defined)

     > UserEnv   H:
rem 
rem   create  user  environment in Windows /Vista 
REM   change  registry  settings 
rem   destination  %1%
rem 
set  home_home=%1
set protect=cscript H:\install\Path\xcacls.vbs
pushd %cd%
md %home_home%\Users
cd/D %home_home%\Users
rem    MKLINK /D   xxx    c:\aa\bbb
rem    delete  using  explorer 
   MKLink /D  "All Users"  %ALLUSERSPROFILE%
   MKLink /J "default"    C:\Users\Default
   MKLINK /J "default User" C:\USERS\Default
   ROBOCOPY c:\Users\Public  %home_home%\Users\Public /Z /R:1 /W:1 /MIR /COPYALL
REM Security  Hidden ...
rem    I no indexed 
rem /L   work on the  link instead  of  on the directory 
   Attrib/L  +R +I +H "All Users"  
   Attrib/L  +r +h "default"   
   Attrib/L  +R +I +S +H "Default User" 
rem    %protect%  "ALL USERS"   /G Everyone:S ,SYSTEM:, Administrators:S /D Everyone:S
rem    %protect%  "Default"     /G Everyone:rlx ,SYSTEM:f, Administrators:F ,users:rlx /D Everyone:S
rem    %protect%  "Default User"     /G Everyone:,SYSTEM:, Administrators:  /D Everyone:S
popD
rem  HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList  
userEnv.Vbs              rem  cange  the  registry  key's    Runned separately  for  now

I want to set the same security on the new partition /Users/All Users, Default User \ Default


but I'm only acting on the real directory ..... I need suggestions(not an experienced Xcacls user)



HOME_HOME environment variable is used to pass the partition location

Dim WSHShell,cmdComputer
cmdComputer="."
Set WSHShell = WScript.CreateObject("WScript.Shell")
Call SetEnv("$Home_Home",           "H:")    ' temp fixed
NSTALL_HOME",        "%Home_Home%\Install")
call SetReg("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\ProfilesDirectory", "%HOME_HOME%\Users")
call SetReg("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\Public", "%HOME_HOME%\Users\Public")
 
Set WSHShell = Nothing    
 WScript.Quit(0)
Function addPath(Value)
 dim path
  Dim schellObj,envobj
   Value=trim(Value)
    set shellObj = WScript.CreateObject("WScript.Shell") 
    set envObj = shellObj.Environment("System")   
    path=envObj("PATH")
    path=trim(path)
    if (right(path,1) <> ";") then
         path=path&";"
    end if 
    if ( instr(1,path,Value,1) =0 ) then 
       path=path & value  & ";"   'add  to the  path 
       envObj("PATH")=path
    End If 
End  Function
Function SetReg(Path,Valu)
DIM schellOBJ,Key
    Path=trim(Path)
    Valu=Trim(Valu) 
    set shellObj = WScript.CreateObject("WScript.Shell") 
    Key="REG_EXPAND_SZ"
    ShellObj.RegWrite Path,Valu,key
End Function
Function SetEnv(Vari,Value)
  Dim schellObj,envobj,key,key2,intrc 
 '
 ' Environment   user and .default  user       and   system($)  
 '
  key=""
  key2=""
  Vari=trim(Vari)
  Value=trim(Value)
  set shellObj = WScript.CreateObject("WScript.Shell")   
  if (left(Vari,1)="$") then    'system  variables 
           Vari= right(Vari,len(Vari)-1)
           key="System"  'key="HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\"   
  else 
      key ="User"    'HKEY_CURRENT_USER\Environment\"       'HKEY_CURRENT_USER\Environment
  end if  
  set envObj = shellObj.Environment(key)   
  envObj(Vari)=Value     'system and  User  handled  Process  Volatile   not supported yet   
  set shellObj=Nothing
  set envObj=Nothing
End Function

All comments welcome.
Did I forget some thing ???? please comment

 

[ChatGPT]

It seems like you have a detailed script for redirecting the C:\Users directory to another partition and setting up the necessary environment for user profiles. You mentioned you are having difficulty changing the security on the SYMLINK and Junctions for "/Users/All Users", "Default User", and "Default" directories. To address the security settings for these directories, you can use the xcacls.vbs script you have referenced in your code snippet. Here are some suggestions and insights based on your script:

1. Use of Xcacls.vbs: Ensure that you are using the xcacls.vbs script correctly to set the security permissions on symbolic links and junction points. The xcacls.vbs script allows you to modify file permissions from the command line.
2. Access Control Lists (ACLs): Make sure you are applying the correct Access Control Lists (ACLs) to the symbolic links and junction points. This includes setting permissions for specific users or groups (Everyone, SYSTEM, Administrators, etc.).
3. Test Permissions: Before finalizing the script, it's recommended to test the permissions on a test environment or directory to ensure that the security settings are applied as intended.
4. Backup Data: Since you are dealing with critical system directories, ensure you have backups of the data in case any unexpected issues arise during the permission setting process.
5. Environment Variables: Double-check the environment variables like HOME_HOME that you are using to pass the partition location and confirm that they are set correctly.
6. Registry Settings: Validate that the registry settings you are modifying are accurate and align with the intended configurations for user profiles.
7. Error Handling: Implement error handling in your script to capture any potential issues during the setting of security permissions.
8. Documentation: Document the entire process and scripts comprehensively for future reference and troubleshooting. To summarize, ensure that the xcacls.vbs script is correctly applied to set the security permissions on the symbolic links and junctions for the specified directories. Test thoroughly and consider potential scenarios that might impact the security settings. If you encounter any specific issues or errors during the process, provide additional details to troubleshoot effectively.