Problem:
A new Developer is brought on board and needs access to the ULS logs on 10 different machines.
2 part solution:
Part 1:
This only has to be done once, so I did this manually, A powershell script would be great for this, but I don’t have one – Sorry!
- Create a local group on each server called “LogReaders”
- Share the ULS logs folder on each server
- Add “read” permissions to the “LogReaders” group to the share/NTFS permissions for the ULS log folder
Part 2:
Use the following script, updating values to match your environment –
Run the script as needed, each time a new developer needs access to the log folders
#AddUserToLogs.ps1 #this script is an adaptation of a forum post by jrv: http://social.technet.microsoft.com/Forums/en-US/ITCG/thread/35b8022e-7c0e-49fb-b4c7-346b83ed3fd0/ #jrv (http://social.technet.microsoft.com/profile/jrv/?ws=usercard-mini) provided the function Add-LocalUser # I added the wrapper to make it work for my needs function main { $user = "userIDneededtobeadded" $domain = "yourdomain" $Group = "LogReaders" $computers = @("computernanme1", "computername2", "computername3", "etc..") foreach ($Computer in $Computers) { write-host $computer -foregroundcolor green Add-LocalUser -Computer $Computer -group $group -userdomain $domain -username $user } } function Add-LocalUser{ Param( $computer=$env:computername, $group="LogReaders", $userdomain=$env:userdomain, $username=$env:username ) ([ADSI]"WinNT://$computer/$Group,group").psbase.Invoke("Add",([ADSI]"WinNT://$domain/$user").path) } main
Works like a charm