Announcement

Collapse
No announcement yet.

NW to AD migration

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • NW to AD migration

    Hello all....I'm finally getting around to removing my Netware server from the network and have a couple questions regarding shares and permissions. I already have AD in place, just don't use it for file sharing yet.

    I'd like to try to keep the drive mappings as close to the current scheme as possible. For example everyone has the mapped drive of G:\ which maps to \\server\volume.

    Under volume there's a folder called "User" and each user has their own sub folder which no one else, except admins, can even see.

    Also, there is another folder called "Shared" also under volume which then has sub folders that they only have access to based on what group they belong to.

    So it looks like this:

    G:\User\username which equals
    \\servername\volume\User\username

    G:\Shared\groupname which equals
    \\servername\volume\Shared\groupname

    Again, users can only see the folders they have rights to and nothing else. ie Accounting can not see Engineering's folder. Forgive my ignorance, but how can this be accomplished with my brand new 2K3 Storage Server that is sitting waiting for me?

    Thanks guys and Merry Couple Days Before Christmas

  • #2
    Re: NW to AD migration

    I'm, not sure what you are looking for but I guess you mean ABE (access based enumeration)
    http://www.google.co.uk/search?hl=en...e+Search&meta=
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: NW to AD migration

      Originally posted by Dumber View Post
      I'm, not sure what you are looking for but I guess you mean ABE (access based enumeration)
      http://www.google.co.uk/search?hl=en...e+Search&meta=
      I'll give it a shot. Thanks.

      To try to clarify; if user Bob, who is part of Accounting logs in he'll only see the following:

      G:\user\Bob AND G:\Shared\Accounting

      If Mary from Engineering logs in she'll only see:

      G:\user\Mary and G:\Shared\Engineering

      Bob can't see that Mary's folder or Engineering exists and Mary can't see Bob's folders.

      I think the ABE is what I need, but I'll have to test it out.

      Thanks again.

      Comment


      • #4
        Re: NW to AD migration

        I think indeed ABE is the thing you need.
        Marcel
        Technical Consultant
        Netherlands
        http://www.phetios.com
        http://blog.nessus.nl

        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
        "No matter how secure, there is always the human factor."

        "Enjoy life today, tomorrow may never come."
        "If you're going through hell, keep going. ~Winston Churchill"

        Comment


        • #5
          Re: NW to AD migration

          This is just my luck....ABE does want to install on Windows Storage Server 2003 SP2.

          Comment


          • #6
            Re: NW to AD migration

            What is a storage server? I think the OS is called differently.
            Marcel
            Technical Consultant
            Netherlands
            http://www.phetios.com
            http://blog.nessus.nl

            MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
            "No matter how secure, there is always the human factor."

            "Enjoy life today, tomorrow may never come."
            "If you're going through hell, keep going. ~Winston Churchill"

            Comment


            • #7
              Re: NW to AD migration

              Windows 2003 Storage server is an appliance you can buy, got a NAS2000 from HP. Cheap but a pain in the arse to support and patch, and it will not virtualise.

              We do the same thing here but found it easier in the long run to use H: to map to \\server\volume\user\username as their home directory and specify it in their AD account.
              Then their department drive is mapped based on their group membership, ie accounts have G: mapped to \\server\volume\shared\accounts. For those who need more than one department we have s: mapped to \\server\volume\shared and permission granted to the department folder at that level.
              Last edited by zarg; 23rd December 2008, 16:58.

              Comment


              • #8
                Re: NW to AD migration

                Originally posted by zarg View Post
                we have s: mapped to \\server\volume\shared and permission granted to the department folder at that level.
                Do you change the NTFS permissions for those department folders based on the groups?

                Comment


                • #9
                  Re: NW to AD migration

                  Yep but using a different group so not to confuse the login script. Then you drop people in the group which needs access and they get it on the next login. So accounts would have "Accounts" which the normal accounts staff would be put into to get the G drive mapping and "Accounts Access" for those in other departments which need access to the accounts folder.

                  Comment


                  • #10
                    Re: NW to AD migration

                    Originally posted by jp1 View Post
                    This is just my luck....ABE does want to install on Windows Storage Server 2003 SP2.
                    All ABE requires is W2K3 SP1. The ABE download contains the explorer extensions to administer the feature.
                    http://www.microsoft.com/Downloads/d...displaylang=en
                    Guy Teverovsky
                    "Smith & Wesson - the original point and click interface"

                    Comment


                    • #11
                      Re: NW to AD migration

                      Originally posted by guyt View Post
                      All ABE requires is W2K3 SP1. The ABE download contains the explorer extensions to administer the feature.
                      http://www.microsoft.com/Downloads/d...displaylang=en
                      I had to go thru all three before I found the one that would install.

                      Thanks guys I believe I have it now. With a combination of ABE, 1 share, and setting up NTFS permissions for folders under that share I got the results that I was looking for.

                      Thanks for all the help.

                      Comment


                      • #12
                        Re: NW to AD migration

                        Glad ABE was the solution for you where you was looking for
                        Marcel
                        Technical Consultant
                        Netherlands
                        http://www.phetios.com
                        http://blog.nessus.nl

                        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                        "No matter how secure, there is always the human factor."

                        "Enjoy life today, tomorrow may never come."
                        "If you're going through hell, keep going. ~Winston Churchill"

                        Comment

                        Working...
                        X