Add new user to AD with random password, and DFS home

In most companies I always set up DFS as the home server structure. This allows me to have the same home folder/server location for all users regardless of where the data resides. The nightmare of this scenario is the many steps it takes to create all of this. Below is a starter script I have written to automate the process. This script doesn’t take into account existing user accounts or data, so some sanity checks are needed.

#config variables
$strDomainName = "@domain.local" #your suffix for all AD users "@domain.local" (UPN Suffix)
$strUserPath = "OU=Users,DC=domain,DC=local" #DN for users OU "OU=Path,OU=To,OU=Users,DC=domain,DC=local"
$strFileServer = "SERVERNT01" #The server that hosts the files for DFS (Hostname)
$strFileServerRootPath = "E:\Users\" #the local folder on the file server that contains the user folders
$strDFSRootPath = "\\domain.local\Home\" #The root of the home folder path for DFS \\server\root or domain based \\domain.local\root

##########################
# Do not edit below this #
##########################

#prompt for info
$strUserFirst = read-host "Please enter the first name: "
$strUserLast = read-host "Please enter the last name: "
$strUserName = read-host "Please enter the username: "

#random password
$objRandom = New-Object System.Random
#note: the upper bound of Next(min,max) is exclusive, so max is one past the last wanted character code
$NewPassword=[char]$objRandom.next(65,72) #random capital letter A through G
1..6 | ForEach { $NewPassword = $NewPassword + [char]$objRandom.next(97,123) } #random lowercase a through z
$NewPassword = $NewPassword + [char]$objRandom.next(48,58) #random number 0 through 9
$SecurePassword = ConvertTo-SecureString $NewPassword -AsPlainText -Force

#setup some variables
$strUPN = ($strUserName + $strDomainName)
$strHomeFolder = ($strFileServerRootPath + $strUserName)
$strShare = ($strUserName + "$")
$strFileServerShareRootPath = ("\\" + $strFileServer + "\")

#create the account
New-ADUser -Name ($strUserFirst + " " + $strUserLast) -GivenName $strUserFirst -Surname $strUserLast -SamAccountName $strUserName -UserPrincipalName $strUPN -AccountPassword $SecurePassword -Path $strUserPath -PassThru | Enable-ADAccount

#replicate AD
repadmin /syncall /A /P /e /d > $null

#Create the folder
Invoke-Command -ComputerName $strFileServer -Scriptblock {
#create the folder
New-Item $Using:strHomeFolder -ItemType directory -Force > $null
#set the ACL
$objACL = Get-Acl $Using:strHomeFolder
$objPermission = $Using:strUPN,"Modify","ContainerInherit,ObjectInherit","None","Allow"
$objAccessRule = new-object System.Security.AccessControl.FileSystemAccessRule $objPermission
$objACL.SetAccessRule($objAccessRule)
$objACL | Set-Acl $Using:strHomeFolder > $null
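#share it out (the share permission is Everyone/Full Control, so the NTFS ACL on the folder is what limits access)
New-SmbShare -name $Using:strShare -path $Using:strHomeFolder -FullAccess Everyone > $null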
}
#create the DFS link
New-DfsnFolder -path ($strDFSRootPath + $strUserName) -TargetPath ($strFileServerShareRootPath + $strShare) > $null
#output the user and password
Write-Host "Created user $strUPN with password: $NewPassword"

Outlook holding onto old mailboxes that you had full permissions to

Sometimes you give yourself full permissions to a mailbox for testing. After you remove your access, the mailbox hangs around in your Outlook. Attempts to remove the mailbox give you the error:

This group of folders is associated with an e-mail account. To remove the account, click the File Tab, and on the Info tab, click Account Settings. Select the e-mail account, and then click Remove.

The fix for this is to add yourself back to the mailbox with PowerShell while setting the -Automapping flag to $false, then remove your access again.

Add-MailboxPermission -Identity TARGETACCOUNT -User YOURACCOUNT -AccessRights FullAccess -InheritanceType All -Automapping $false
Remove-MailboxPermission -Identity TARGETACCOUNT -User YOURACCOUNT -InheritanceType All -AccessRights FullAccess