Folder Structure - Best practice???

  • Thread starter Thread starter John
  • Start date Start date
J

John

Can anyone share how they've setup their corporate folder structures?
I'm looking for ideas on how to simplify and reduce administrative
overhead. Userfolders, Departmental folders, shared areas, etc.
thanks in advance.
 
John <roundsjr@gmail.com> wrote:
> Can anyone share how they've setup their corporate folder structures?
> I'm looking for ideas on how to simplify and reduce administrative
> overhead. Userfolders, Departmental folders, shared areas, etc.
> thanks in advance.

It's hard to say, given that companies have different needs. Some companies
want to all users to share/access everything - some want departments and
groups to have only their own folder.

As far as simplified administration is concerned, it's got more to do with
your AD group structure than the file/folder hierarchy on your server,
really. Do stuff with groups (not users) and keep things simple. You can
nest AD security groups within other groups, remember.

Here's an example ....

1. Home directories (\\server\home$\%username%)
2. Management folder (\\server\management$)
3. Accounting folder (\\server\accounting$)
4. General shared data folder (\\server\shared$)
5. Software images,drivers, etc (\\server\distrib$)

On the server, that might look like

E:\Data
|--Home
|--Management
|--Accounting
|--Shared
|--Distrib

Share security = everyone, full control

Folder-level security is via AD groups.
I disable inheritence on the E:\DATA folder so everything's customized per
folder.
Administrators & system have full rights to everything.
I don't use Domain Users for anything; I create Companyname Users for
general permissions, and Companyname Management, Companyname Accounting, as
security groups...and the most any of those ever get is Modify (and for the
distrib folder, read&execute only).

Your mileage may vary, but the above has worked for me, for years.

The only general piece of advice I can give is, don't set up shares/folders
that have different security requirements on their subfolders. E.g., don't
get into the business of denying access to S:\Subfolder1 and S:\Subfolder2
if the whole company has access to the S/parent drive. It can quickly become
a nightmare.
 
On Jul 24, 3:56 pm, "Lanwench [MVP - Exchange]"
<lanwe...@heybuddy.donotsendme.unsolicitedmailatyahoo.com> wrote:
> John <round...@gmail.com> wrote:
> > Can anyone share how they've setup their corporate folder structures?
> > I'm looking for ideas on how to simplify and reduce administrative
> > overhead. Userfolders, Departmental folders, shared areas, etc.
> > thanks in advance.
>
> It's hard to say, given that companies have different needs. Some companies
> want to all users to share/access everything - some want departments and
> groups to have only their own folder.
>
> As far as simplified administration is concerned, it's got more to do with
> your AD group structure than the file/folder hierarchy on your server,
> really. Do stuff with groups (not users) and keep things simple. You can
> nest AD security groups within other groups, remember.
>
> Here's an example ....
>
> 1. Home directories (\\server\home$\%username%)
> 2. Management folder (\\server\management$)
> 3. Accounting folder (\\server\accounting$)
> 4. General shared data folder (\\server\shared$)
> 5. Software images,drivers, etc (\\server\distrib$)
>
> On the server, that might look like
>
> E:\Data
> |--Home
> |--Management
> |--Accounting
> |--Shared
> |--Distrib
>
> Share security = everyone, full control
>
> Folder-level security is via AD groups.
> I disable inheritence on the E:\DATA folder so everything's customized per
> folder.
> Administrators & system have full rights to everything.
> I don't use Domain Users for anything; I create Companyname Users for
> general permissions, and Companyname Management, Companyname Accounting, as
> security groups...and the most any of those ever get is Modify (and for the
> distrib folder, read&execute only).
>
> Your mileage may vary, but the above has worked for me, for years.
>
> The only general piece of advice I can give is, don't set up shares/folders
> that have different security requirements on their subfolders. E.g., don't
> get into the business of denying access to S:\Subfolder1 and S:\Subfolder2
> if the whole company has access to the S/parent drive. It can quickly become
> a nightmare.

Great reply... thanks for your time!
 
Back
Top