Announcement

Collapse
No announcement yet.

Different shared directories access on the same logical drive

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Different shared directories access on the same logical drive

    Here is the scenario:

    I have an Exchange server and a file server using Windows 2003. In the file server I have 3 partitions. One used for home directories (roaming profiles), second partition for installing applications and the third partition named as Data with drive letter F:\. Both servers have DC and I have created the users under AD UC in Exchange server.

    I would like in File Server to have in F: drive, a shared area and department folders. For example under F:\ to have
    shared\A, B, C
    DepartmentA\
    DepartmentB\

    What I would to do is, A)assign a mapped drive for all users to F:\shared and B)assign department folder to each deparment member. In addition, I would like to give full access only to head of each departrment and all the others at the same department to have READ/Write access.

    So, for example a user A, I would like to have a mapped drive called H:\ for his home directory, K:\for applications, S:\for shared area(F:\shared), M:\for each department folder I want to assign to specific users.

    I hope I was clear

  • #2
    Re: Different shared directories access on the same logical drive

    OK, no particular problem
    I would suggest logon scripts and group policy, with users in each department in different OUs

    Tom
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Different shared directories access on the same logical drive

      Thanks for your reply. You mean to create a different OU for each department and then to assign a Group Policy to each one? Are they going to be hidden from the other departments and be seen only from the one that I choose?

      I hope, I was clear.

      Comment


      • #4
        Re: Different shared directories access on the same logical drive

        If permissions are set up correctly, other departments will see that different departmental drives exist but will not be able to get into them. Will that do?

        I suggest you check up on permissions (both NTFS and share) and groups before you set up too much

        Tom
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: Different shared directories access on the same logical drive

          Thanks Ossian. I will read about NTFS and share permissions

          Comment


          • #6
            Re: Different shared directories access on the same logical drive

            Hi again,

            I have read articles about sharing and NTFS rights. I am not clear on how to proceed with my design as explained in first post. Do I have,

            1. Create OU for each department
            2. Add a GPO under each department and add the users giving their rights?

            thanks

            Comment


            • #7
              Re: Different shared directories access on the same logical drive

              Depends a lot of what are you trying to achieve and what do you have at the moment.
              If your AD environment is already set and it works, I wouldn't touch it. You can achieve the same result by linking multiple GPOs to different OUs and using Security Filtering to decide who gets what.
              I would run with the GPO as Logon Script a CMD file that will map the different drives to the different users.
              If you could provide more detailed info regarding your AD, we could help you more.

              Sorin Solomon


              In order to succeed, your desire for success should be greater than your fear of failure.
              -

              Comment


              • #8
                Re: Different shared directories access on the same logical drive

                As you cam see from my first post, I have 2 servers. One has the Exchange server and the AD, and the other one is the File server (DC) where I need the above scenario.

                I have 3 partitions on my file server. A)home directories, B)DATA, and C)Applications. In B) i would like to have a common shared area for all users, and areas for each department, e.g, finance, marketing, IT, communication, etc.

                At the moment, everything is working and I have created shared folders for each department and assign users manually for each department using sharing. I don't want that, because if someone will leave or someone added to our office, I have to do it again manually.

                I would like to have groups as I used in Novell and inside I could add users and assign different user rights.

                Comment


                • #9
                  Re: Different shared directories access on the same logical drive

                  Originally posted by dchatz View Post
                  I would like to have groups as I used in Novell and inside I could add users and assign different user rights.
                  I am working with Novell since version 3, I can tell you there's no problem achieving that.
                  Tell me, please:
                  - are your users separated in OUs by their departments? Or by other considerations? Or are all of them in the same OU?
                  - what are you feeling more comfortable with? DOS commands or VB? Would you prefer a CMD file or a VB script? (The professionals work with VB, since its run-time is faster - but you decide ).

                  Sorin Solomon


                  In order to succeed, your desire for success should be greater than your fear of failure.
                  -

                  Comment


                  • #10
                    Re: Different shared directories access on the same logical drive

                    Thanks for your reply.

                    All users are under one OU. I have only 20 users, but I would like to make different OUs for each department and work with that. Why do we need CMD or VB to do that?

                    Can't we do it by GPO or anything else? I have no problem with VB by the way.

                    Comment


                    • #11
                      Re: Different shared directories access on the same logical drive

                      AFAIK, there's no way of mapping shared folders in GPO, other than by running scripts - at startup, for computers, or at login, for users. Here comes the scripting language. The actions' list should be:
                      1) write a VBS script that does the desired action; test it, that it does the right thing;
                      2) create a GPO;
                      3) define the script to run as startup/login script;
                      4) link the GPO to a testing OU and test it, to see that it works;
                      5) link the GPO to the production OU. Use Security Filtering , if needed (not applicable in this case, as I understand from you).
                      Separating your users to OUs by their department sounds like a good step. Are there users that work in more than one?
                      Tell me if this sounds acceptable for you, and I'll suggest a script (I'm working on it at the moment).

                      Sorin Solomon


                      In order to succeed, your desire for success should be greater than your fear of failure.
                      -

                      Comment


                      • #12
                        Re: Different shared directories access on the same logical drive

                        It sounds good. Please let me know if you have understood what I would like to achieve. I am afraid of my English that's why I am asking. For example a person from Fundraising I would like to log an and see,

                        H:\Home directory
                        S:\Shared (general shared for all staff)
                        F:\Fundraising

                        and for Finance for example to add one more map drive K:\applications where I have an accounting package.

                        Comment


                        • #13
                          Re: Different shared directories access on the same logical drive

                          It shouldn't be a problem. You have few steps to do, to achieve your goal:
                          1) preparing the shares, including permissions;
                          2) write the CMD files;
                          3) create the GPO for every department, link it to the specific OU;

                          I would write a quick, plain CMD file that contains the following commands:

                          @echo off
                          net use h: \\server\shareA\%USERNAME%
                          net use s: \\server\shareB\Shared
                          net use f: \\server\shareB\[DepartmentName]
                          net use k: \\server\shareC\
                          - for those departments that need it...
                          Save the file as [DepartmentName].CMD . You'll need as many CMD files as departments you have.

                          Do you need help with the shares and the GPOs? Is there anything else you feel missing?

                          Sorin Solomon


                          In order to succeed, your desire for success should be greater than your fear of failure.
                          -

                          Comment


                          • #14
                            Re: Different shared directories access on the same logical drive

                            Sorin, thanks for your quick replies. It is Saturday and I am trying to finish during the wkd.

                            A quick question is about the server to use for the above. I have the AD in my Exchange server and there I have created the users and emails addresses and on the file server, I want to do the above. I will do the folder creation and file sharing in my file server, but what about the OU, .cmd files and GPOs?

                            Comment


                            • #15
                              Re: Different shared directories access on the same logical drive

                              I am not sure that I understood exactly your question, but here is the answer:
                              - you should create the shares on the File server, this is its destiny;
                              - OUs should be created with Active Directory Users and Computers tool, that should be available in your XP after you install the AdminPak;
                              - GPOs should be created with the GPMC.msc tool;
                              - CMD files are written in Notepad, they are plain text files.
                              Last edited by sorinso; 13th January 2007, 16:03.

                              Sorin Solomon


                              In order to succeed, your desire for success should be greater than your fear of failure.
                              -

                              Comment

                              Working...
                              X