0

We are looking at automating the task of granting and revoking Windows network share permissions to certain users (apprentices) that move through different departments in the company. Each time they leave one department their access to the shares should be revoked and access to the shares of the new department granted. We already know the weeks and times that they move around today.

I was thinking of writing a script with a config file including the users, shares and a timetable. Then this script should be run on each first day of the week and check whether someone should be granted or revoked a right.

Any ideas how to best approach that and if that makes sense or if it is too much of an effort and should rather be done manually?

Julius Mensing
  • 1
  • 2
  • 1
    If your AD meets the requirements, you could probably use Time-based Group Membership for this. - https://www.google.com/search?q=time+based+group+membership&rlz=1C1OKWM_enUS859US859&oq=time+based+group+membership&aqs=chrome..69i57.7080j0j8&sourceid=chrome&ie=UTF-8 – joeqwerty Aug 06 '19 at 17:07
  • That is good to know, we shall try that out on Server 2016 which we are currently migrating to as our new Domain Controller – Julius Mensing Aug 06 '19 at 17:19

0 Answers0