Skip to main content

Automatically share out Hidden User Profiles from File Server

If you’ve ever had to set up home drives for a bunch of users, you’ll know it’s one of those jobs that gets old really fast. Going into each folder, creating a share, setting the permissions, and making sure it’s hidden — it’s fine for one or two people, but if you’re dealing with an entire company it’s a real time sink. Luckily, PowerShell makes this whole process way easier.

The script we’re looking at takes the folder where all the home drives live — say H:\HomeDrives — and loops through every single subfolder inside it. Each subfolder is assumed to be named after a username, so if you’ve got a folder called jdoe, the script knows that belongs to the user jdoe. It then automatically creates a hidden share for that folder by adding a dollar sign to the end of the name, so instead of \\Server\jdoe you’ll get \\Server\jdoe$. The dollar sign is just a Windows trick to keep the share hidden from casual browsing, but users can still connect to it directly.

Before making the share, the script checks whether one already exists for that username. If it finds one, it deletes it first so you don’t end up with errors. Once it’s clear, it goes ahead and creates the new share, pointing it at the correct folder and giving the matching domain account full access. In other words, the user jdoe will have a hidden share pointing to their own folder, and they’ll be the only one with permissions to it at the share level.

The beauty of this is that it runs through every folder automatically, so instead of spending ages setting up shares by hand, you can run the script once and all your users are taken care of. It keeps the naming consistent, it makes sure permissions are applied properly, and it massively cuts down the admin work. Pair this with the right NTFS permissions on the folders themselves and you’ve got a clean, secure, and automated way to manage home drives without the usual hassle.

 # Path where the home profile folders are stored
$HomeRoot = "H:\HomeDrives"

# Your domain name (edit this to match your environment)
$Domain = "NetBIOS Domain Name"

# Loop through each folder
Get-ChildItem -Path $HomeRoot -Directory | ForEach-Object {
    $UserName = $_.Name
    $FolderPath = $_.FullName
    $ShareName = "$UserName$"   # Hidden share with $ at the end
    $Account   = "$Domain\$UserName"

    Write-Host "Creating share for $UserName -> $ShareName"

    # Remove existing share if it exists
    if (Get-SmbShare -Name $ShareName -ErrorAction SilentlyContinue) {
        Remove-SmbShare -Name $ShareName -Force
    }

    # Create the hidden share (give user full access)
    New-SmbShare -Name $ShareName -Path $FolderPath -FullAccess $Account
}

No comments to display

Back to top