File Services - what are you using? New ideas?

Hi all,

We are currently running a Win2k3 server running our DNS, AD, DHCP and
Fileservices.  Our CTO does not like the way our file system is setup
and is looking for new solutions.  SOme of his issues are Security,
Difficulty finding documents - including those of employees that have
left where you can't ask the person where they put something, along with
some structural issues as in seeing folders staff doesn't have access
to.

Some solutions that came to mind were using an encryption software such
as PGP for certain folders such as the Management etc.

For search problems, someone has suggested getting a Search Engine and
putting it on top of the filesystem, one that will search at the
document content level.

THe filesystem structure in my opinion can be solved easily by not
sharing at the rood folder level and sharing at the department level
(account has access to and sees only those folders etc), right now it's
shared at an upper level and all different departments are visible but
access denied to some.


There is also talks of putting everything into a Sharepoint type
system.

Do you guys have any suggestions?


I'm also looking into getting a shared storage device, san or nas not
sure yet and virtualizing the dhcp/dns/fileserver.


-- 
Silvester
------------------------------------------------------------------------
Silvester's Profile: http://forums.techarena.in/members/214276.htm
View this thread: http://forums.techarena.in/windows-server-help/1343637.htm

http://forums.techarena.in

0
Silvester
6/4/2010 2:49:32 PM
windows.server.general 1084 articles. 0 followers. Follow

8 Replies
563 Views

Similar Articles

[PageSpeed] 51

"Silvester" <Silvester.4c1e9b@DoNotSpam.com> wrote in message 
news:Silvester.4c1e9b@DoNotSpam.com...
>
> Hi all,
>
> We are currently running a Win2k3 server running our DNS, AD, DHCP and
> Fileservices.  Our CTO does not like the way our file system is setup
> and is looking for new solutions.  SOme of his issues are Security,
> Difficulty finding documents - including those of employees that have
> left where you can't ask the person where they put something.

This is a procedural issue.  Not a file system issue.  Of course you can't 
ask a terminated employee where their files were.
We have a documented check-list, for what to do when an employee is 
terminated.  And in that list, among other things... is instructions on how 
to handle the former employees data.  We first give their manager access to 
the folder where it is currently located.  And any other employees that the 
manager wants to have access to the folder.  The manager knows (because it's 
company policy) that the folder will be moved after 30 days, and that they 
are to "move" any files that they want to keep, to their own folder before 
the 30 days is up.  Then the folder is moved to a "Gone" folder. It's left 
there for 1 year, and then deleted. 


0
JohnB
6/4/2010 4:13:34 PM
On 06/04/10 09:49, Silvester wrote:
> Some solutions that came to mind were using an encryption software 
> such as PGP for certain folders such as the Management etc.

Can I ask why you are considering encryption?  Is it just to prevent 
access to the document like you could with file system security / ACLs?

> For search problems, someone has suggested getting a Search Engine 
> and putting it on top of the filesystem, one that will search at the 
> document content level.

I believe that Microsoft has a number of different technologies that 
fall in to this category, many of which should integrate with your 
current environment.

I'd at least evaluate (to see if it will do what you want) what 
Microsoft has to offer before looking at 3rd party vendors.

> THe filesystem structure in my opinion can be solved easily by not 
> sharing at the rood folder level and sharing at the department level 
> (account has access to and sees only those folders etc), right now 
> it's shared at an upper level and all different departments are 
> visible but access denied to some.

I consider what you are proposing to be best practice for the complaints 
that you are saying.

> There is also talks of putting everything into a Sharepoint type 
> system.

I don't know enough about SharePoint to comment other than I think that 
unless you really need it, that is a lot of over head just for searching 
documents.

> Do you guys have any suggestions?

I'd start by looking at the search features built in and / or add-ons 
from Microsoft.

> I'm also looking into getting a shared storage device, san or nas not 
> sure yet and virtualizing the dhcp/dns/fileserver.

Remember that your file server(s) really is (are) a NAS.  So a NAS 
device is going to be very similar to your current file server(s).

SANs on the other hand are quite different.

Remember that NAS is for many people to connect to a share (ala file 
server) where as a SAN is for one (cluster of) server(s) to access a 
drive.  Usually, you have a server (NAS) front ending to a SAN.

Virtualization is an interesting critter that can be both good and bad. 
  It is in some ways independent of your other concerns.



Grant. . . .
0
Grant
6/4/2010 4:15:04 PM
On 06/04/10 11:13, JohnB wrote:
> We have a documented check-list, for what to do when an employee is 
> terminated.  And in that list, among other things... is instructions 
> on how to handle the former employees data.  We first give their 
> manager access to the folder where it is currently located.  And any 
> other employees that the manager wants to have access to the folder. 
>  The manager knows (because it's company policy) that the folder will 
> be moved after 30 days, and that they are to "move" any files that 
> they want to keep, to their own folder before the 30 days is up. 
>  Then the folder is moved to a "Gone" folder. It's left there for 1 
> year, and then deleted.

That sounds like a good policy.

I might extend the 30 days to 60 or 90 based on how slow some of my 
customers are.  But aside from how long the folder is there, I like it.



Grant. . . .
0
Grant
6/4/2010 4:36:00 PM
excellent input.  I am doing some research now on using Windows Search
and indexing the mapped drives for the search capabilities.

I also like the policy, but I think we all know it's rather difficult to
get Managers to actually go through past employees documents and it will
be up to IT to retrieve them from that "gone" folder after either way.

As for the NAS/SAN, we have some experts here that can give me advice on
which route to go.  I want to turn this fileserver into an ESX server to
cluster with our other ESX which is why i'm looking into shared storage
and virtualizing the server.


-- 
Silvester
------------------------------------------------------------------------
Silvester's Profile: http://forums.techarena.in/members/214276.htm
View this thread: http://forums.techarena.in/windows-server-help/1343637.htm

http://forums.techarena.in

0
Silvester
6/4/2010 4:56:26 PM
On 06/04/10 11:56, Silvester wrote:
> As for the NAS/SAN, we have some experts here that can give me advice 
> on which route to go.  I want to turn this fileserver into an ESX 
> server to cluster with our other ESX which is why i'm looking into 
> shared storage and virtualizing the server.

*nod*

In that case, you would most likely want your ESX guest VMs to access 
their disks via a SAN of sorts.  That way the guest VM can be running on 
any ESX node and still access its (the VM's) own disk with out a problem.



Grant. . . .
0
Grant
6/4/2010 7:50:22 PM
In article <Silvester.4c1e9b@DoNotSpam.com>, 
Silvester.4c1e9b@DoNotSpam.com says...
> 
> Hi all,
> 
> We are currently running a Win2k3 server running our DNS, AD, DHCP and
> Fileservices.  Our CTO does not like the way our file system is setup
> and is looking for new solutions.  SOme of his issues are Security,
> Difficulty finding documents - including those of employees that have
> left where you can't ask the person where they put something, along with
> some structural issues as in seeing folders staff doesn't have access
> to.
> 
> Some solutions that came to mind were using an encryption software such
> as PGP for certain folders such as the Management etc.
> 
> For search problems, someone has suggested getting a Search Engine and
> putting it on top of the filesystem, one that will search at the
> document content level.
> 
> THe filesystem structure in my opinion can be solved easily by not
> sharing at the rood folder level and sharing at the department level
> (account has access to and sees only those folders etc), right now it's
> shared at an upper level and all different departments are visible but
> access denied to some.
> 
> 
> There is also talks of putting everything into a Sharepoint type
> system.
> 
> Do you guys have any suggestions?
> 
> 
> I'm also looking into getting a shared storage device, san or nas not
> sure yet and virtualizing the dhcp/dns/fileserver.

SBS 2008 would be the first place to start, if you're smaller than 75 
users.

When I setup networks for a company I create default shares

\\servername\Accounting
\\servername\Business
\\servername\Common
\\servername\Public
\\servername\Projects
\\servername\Departments\department_a
\\servername\Departments\department_b
\\servername\Departments\department_c....
\\servername\Utilities

Each share\area is assigned with a Security Group that only permits 
access to that area base on membership - if you're not a member then you 
will get an access denied error.

In some cases we have created Read Only security groups (which means you 
need to create a RWED group to compliment it)

SGP_SHARE_ACCOUNTING_RWED
SGP_SHARE_ACCOUNTING_RONLY

With this method we've been able to pass every security audit at ever 
company.

NEVER apply permissions for a user, only for groups - and you may need 
to explicitly deny "take ownership" and deny "change permissions".


-- 
You can't trust your best friends, your five senses, only the little 
voice inside you that most civilians don't even hear -- Listen to that.  
Trust yourself.
spam999free@rrohio.com (remove 999 for proper email address)
0
Leythos
6/5/2010 2:31:46 PM
On Jun 4, 9:49=A0am, Silvester <Silvester.4c1...@DoNotSpam.com> wrote:
> Hi all,
>
> We are currently running a Win2k3 server running our DNS, AD, DHCP and
> Fileservices. =A0Our CTO does not like the way our file system is setup
> and is looking for new solutions. =A0SOme of his issues are Security,
> Difficulty finding documents - including those of employees that have
> left where you can't ask the person where they put something, along with
> some structural issues as in seeing folders staff doesn't have access
> to.
>
> Some solutions that came to mind were using an encryption software such
> as PGP for certain folders such as the Management etc.
>
> For search problems, someone has suggested getting a Search Engine and
> putting it on top of the filesystem, one that will search at the
> document content level.
>
> THe filesystem structure in my opinion can be solved easily by not
> sharing at the rood folder level and sharing at the department level
> (account has access to and sees only those folders etc), right now it's
> shared at an upper level and all different departments are visible but
> access denied to some.
>
> There is also talks of putting everything into a Sharepoint type
> system.
>
> Do you guys have any suggestions?
>
> I'm also looking into getting a shared storage device, san or nas not
> sure yet and virtualizing the dhcp/dns/fileserver.
>
> --
> Silvester
> ------------------------------------------------------------------------
> Silvester's Profile:http://forums.techarena.in/members/214276.htm
> View this thread:http://forums.techarena.in/windows-server-help/1343637.h=
tm
>
> http://forums.techarena.in

Explore SharePoint and Windows Rights Management
0
Lil
6/7/2010 8:50:00 PM
"Silvester" <Silvester.4c1e9b@DoNotSpam.com> wrote in message 
news:Silvester.4c1e9b@DoNotSpam.com...

> We are currently running a Win2k3 server running our DNS, AD, DHCP and
> Fileservices.  Our CTO does not like the way our file system is setup
> and is looking for new solutions.  SOme of his issues are Security,
> Difficulty finding documents - including those of employees that have
> left where you can't ask the person where they put something, along with
> some structural issues as in seeing folders staff doesn't have access
> to.


Good concernes except, "issues as in seeing folders staff doesn't have 
access to"

Forget that,..it is meaningless.  Knowing that a folder exist does not mean 
it is accessable and it is completely pointless to haggle about that.  In 
addition to that it may be a *good* thing in the event that an employee 
might have a legitament need to access the folder and if they can see that 
it exist but can't get into it, then it presents an opportunity for the 
employee to approach management to get the permissions opened up to them. 
But if they did not know it existed then they would never have known what to 
ask for.


-- 
Phillip Windell

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------


0
Phillip
6/9/2010 6:16:10 PM
Reply:

Similar Artilces:

How to Filter cells and save the file with certain criteria?
Hello. I have a Excel file that contains a large list of Tracking Numbers. The tracking numbers are from two sets of order types- Internet orders and Mail Orders. Orders that are from the Internet are matched up with a order number such as "5678". Orders from the mail-order side are designated by initials "MO". So in Excel it'll look something like this: trackingnumber orderid 123365656666 5467 152155896345 5468 123365634567 MO 152134567789 5469 152151234563 MO Is there a way to eliminate the Mail-Order rows and save the Excel file to ...

file send to as attachment outlook 2007
When using in word or excel command "send a copy of the document in an e-mail message as an attachment", outlook creats a new e-mail message with the document attached as it should be done. Then I add text in message body, and send the mail. It arrives only with the attachment. The text in message body disappears. This happens only if I work in outlook chache mode. My os is winXp Pro, and my server is SBS 2003. It used to work correct, until somthing happened. Any idea to solve? Thank you Zipi ...

How to suggest new feature
I have been awarded BizSpark subscription on August 31, 2009 with the subscription id - 1400044525. Since then I have been working on creating a solution to add value in Microsoft Products. I have come up with a new feature for Microsoft Excel (and in process for PowerPoint). The feature’s proof of concept is ready and the timing is just right for that to get included in Excel 2010. My claim - • This will become most used (loved) ribbon button by users • This will save time as the worksheets increases • It will add feather in ribbon intuitiveness (fluency) • It will keep work...

Dynamic List Box using VBA
I wasn't really sure how to phrase this one -- this isn't your Typical Drop-Down List. I have a SELECT statement which queries SQL Server 2005 and displays the data in Excel. Let's say that a database lists products that have been delivered to 4 different cities, on 3 seperate days -- without knowing (in advance) the delivery dates, how could I create an input/drop-down field to allow the user to specify a particular date? I envision something like this: VBA code produces a list box of delivery dates based on a particular product and city. The user selects a delivery date ...

If I accidently replace a saved file can I retrieve the old file?
No. PLEASE write your question in the body of the post and NOT just the subject. Have a look here: http://dts-l.org/goodpost.htm -- Gordon Burgess-Parker Interim Systems and Management Accounting www.gbpcomputing.co.uk "kamabiv" <kamabiv@discussions.microsoft.com> wrote in message news:2A547F5D-AA2C-44D7-AEC7-8961A81AC4E5@microsoft.com... > ...

Best Practises setup with AD or File Server
Hi, We have a scenario where we are retiring out dedicated backup server. Currently we are using Symantec Backup Exec 11d. However, instead of replacing the dedicated server, their is a suggestion that I use existing servers for Backup Exec Are their known issues installing backup exec on a DC which also holds FSMO roles (PDC etc)? The other option is to install backup exec (and tape drive) on a file server which hosts the H and S drives. what do you think? I would use the file server. Presumably it is being accessed during the day when no backups are running. The b...

Using ExecuteQuery to get Listing of Cases
I'm attempting to programatically extract a listing of Cases (similar to the Cases listing in the Case Manager of the CRM app) using the Microsoft.Crm.Platform.Proxy.CRMQuery.ExecuteQuery() method. I can successfully extract Account and Contract info using ExecuteQuery, but I've been unsuccessful in locating a sample of a "QueryXML" string for listing Cases. This is my latest attempt, but I'm not even sure if "Incident" is the correct Entity for what I'm attempting. <fetch mapping='logical'> <entity name='Incident'> <order a...

Money Plus Service Pack After EOL?
They say we can install and use the software as long as we want without the services. But what happens when we need to reformat or install on a new machine? Will we be able to download and install that service pack? As far as I know, the download and install is managed through the program itself. Is there an offline installer available? TIA. The problem as things stand now will be a lot worse than just the "service pack". You won't be able to activate the copy much less get the updates for it. This has all been discussed in many threads. Also http://umpmfaq.info/Mon...

Can I use a Report expression for queries?
Is it possible to use the following expression that is used in reports on queries? =[Sales]/Sum([Sales])*100 Or some expression to get the result. Thank you. No. In your query, you can refer to text boxes on a form, but not on a report. That's because of the way reports are formatted (sequentially.) Forms have a current record, which identifies which value you want. Reports don't. In the context of a query, there are other ways to get totals, such as DLookup(): http://allenbrowne.com/casu-07.html or a subquery: http://allenbrowne.com/subquery-01.html -- Allen Browne ...

OT: What tax software is everyone using this year?
TurboTax is too expensive ($40 + electronic filing fees), TaxCut is $30 and included filing fees, TaxAct is $20 for the same thing. Do Money 2006 Deluxe owners get any special offers on Taxcut? -- Aloke ---- to reply by e-mail remove 123 and change invalid to com Excel. I'll probably use the Quicken free efile and then put my own data in the free state online system. "Aloke Prasad" <aprasad123@columbus.rr.invalid> wrote in message news:esnx6uG$FHA.3564@TK2MSFTNGP10.phx.gbl... > TurboTax is too expensive ($40 + electronic filing fees), TaxCut is $30 > and i...

Question regarding the simultaneous use of tape drives
Hi folks, a customer of us wants to use DPM instead of their current Symantec solution. A question I coudn't answer was if they could use their 6-drive tape-robot to for example backing up and restoring at the same time. Thank you in advance for your support! -- Christoph Schmidt || IT Consultant @ TOP TECHNOLOGIES CONSULTING || MCITP EA If there 6 drives available in a library 6 tape related jobs can be run in parallel at any time. Thanks, Praveen D [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights. "Christop...

Using a Button to increment numbers in a database among other things.
I know that it is difficult to assess and solve a problem without being able to look at it physically. Therefore I have included a download link to the database I am working on. http://rapidshare.com/files/41280411/logbook1.accdb.html I have been have some trouble with this database what I would like to do is set up the logdb form to increment the lab number field with the click of a button following a format of the last two digits of the year "-" "0000", otherwise I would just like the field to be entered with a format of "00"-"0000". I tried using a ...

I have SQL Server installed on my workstation, can I not use MSDE
I have SQL Server Developer Edition on my workstation and I don't really want another instance of SQL on my box. Is there anyway for MS CRM 1.2 to use my existing installation? If you are referring to the MSDE datastore for the SFO client, then no, there isn't. It will install a new instance, but many of the underlying files are shared amongst the instances. Matt Parks ---------------------------------------- ---------------------------------------- On 23 Apr 2004 10:07:41 -0700, ramirez2sma@hotmail.com (Shawn Ramirez) wrote: I have SQL Server Developer Edition on my workstation ...

Using Emit to Return a Value
Hello: I am trying to write a piece of code that can implement an interface's methods simply by returning a specified value. I am trying to see how Mock libraries are written. For instance, I have a piece of code that looks like this: MockFactory.CreateMock<ISomething>().Setup(something => something.Foo()).Returns("abc"); What I want to be able to do is somehow implement ISomething.Foo so that it returns "abc". However, I am having a hard time figuring out the Emit code for taking an arbitrary object and incorporating it. I've never want...

problem importing data from Excel using Publisher Mail Merge
I am using Publisher Version 2002 and also Excel Version 2002. I have created a mailing list in Excel format consisting of 203 entries. However, when I attempt to access the mailing list using Mail Merge Feature of Publisher, after choosing the data source and seeing the listed names in the chart, while in Publisher, only 163 of the 203 names are shown. And, after doing the merge, only 163 name labels are printed. Any suggestions as to what I may be doing incorrectly? best, Aaron Not sure if it has to do with batch size or not. Read the article here, it might be what you are looking for...

Which service controls MSExchangeDSAccess?
Which service does MSExchangeDSAccess run under? I know that mad.exe is run by the System Attendant service. MSExchangeDSAccess is like a sub-module of another service. Not sure which one however. System Attendant. -- Bharat Suneja MCSE, MCT www.zenprise.com blog: www.suneja.com/blog ----------------------------------------- "Spin" <Spin@spin.com> wrote in message news:3s7k2uFmpgefU1@individual.net... > Which service does MSExchangeDSAccess run under? I know that mad.exe is > run by the System Attendant service. MSExchangeDSAccess is like a > sub-...

Creating Add In Using VB 6 Error
I'm following the instructions in the customization guide: - using the example code to build activeX dll - ran regsvr32 - updated the reqistry for the hooks. Keep getting error - "Attempt to execute COM object 'project1.class1' failed. Could not create object". I have tried it on several machines and get same error - I must be missing something...........thanks ...

Starting with a new pst file
Hi, I would like to start with a blank pst file. I want to start again with no contacts, no emails, no appointments. How should I proceed to make this? Thanks for your help, Olivier Olivier Verdin <olivier.verdin@playcorporate.com> wrote: > I would like to start with a blank pst file. I want to start again > with no contacts, no emails, no appointments. Assuming Outlook 2002/2003, since you didn't think it important to mention your Outlook version, click File>New>Outlook Data File, Browse to where you want the new PST (or accept the default), give it a name ...

Intercept file download in IWebBrowser2
I have a MFC application host a webbrowser(IWebBrowser2).Basiclly ,I hope when user click a file download url(href="test.zip"),I can intercept the download message and process it by my own download component instead of IE itself. Is it possible? Any article will be help. Adv tks. http://msdn.microsoft.com/library/default.asp?url=/workshop/browser/ext/overview/downloadmgr.asp "L.J.S" <bconline2002@hotmail.com> д����Ϣ����:Oc7j%23OcAFHA.612@TK2MSFTNGP09.phx.gbl... > I have a MFC application host a webbrowser(IWebBrowser2).Basiclly ,I > hope ...

How can i use DAO Application
Hello freinds I have a software which is made in MFC and connected with MS Access 97 through DAO(Direct Access Object via MS jet Engine). Now i want to use same software for Postgresql and wanted to connected it through ODBC. Problem is that Old software has been developed for DAO,all main file like ,recordset,view doc r made for DAO. If i want to make it in ODBC,my classes like Set ,view Doc and other would be generated for ODBC. I dont know any option to use same software, Should i write whole software from the begining? I need ur help. thanks Sheikh ...

accidently deleted file
Somehow I deleted the file MSMONEY.EXE. It seems I did prior to a restore point on my system. Is there anyway to get it back? Thanks....Inker Reinstall Money from the CD. It won't affect your data - that is kept on the *.mny file. -- Regards Bob Peel, Microsoft MVP - Money Hints/Tips http://support.microsoft.com/default.aspx?scid=fh;EN-GB;mny UK Wishes/Suggestions mnyukwsh@microsoft.com "Inker" <anonymous@discussions.microsoft.com> wrote in message news:072c01c3d799$f6d99a90$a501280a@phx.gbl... > Somehow I deleted the file MSMONEY.EXE. It seems I di...

Invalid sender domain
Your message did not reach some or all of the intended recipients. Subject: RE: Boat Sent: 4/17/2006 11:19 AM The following recipient(s) could not be reached: 'Fahlahas@Surgv.com' on 4/17/2006 11:19 AM 554 Fahlahas@Surgv.com: Recipient address rejected: invalid sender domain Dan Klinge <Yomama@kdkdjkfjdekfjdkfj.com> wrote: > Your message did not reach some or all of the intended recipients. > > Subject: RE: Boat > > Sent: 4/17/2006 11:19 AM > > The following recipient(s) could not be reached: > > 'Fahlahas@Surgv.com' on 4/17/2006 11:19 ...

how can I get a publisher file to acrobat reader
I have a Regestration Form created in publisher 2003. When a confrence addtendee signs on to our web site they need to be able to click on a file (acrobat reader) Hopfuly, and download it and print it so they can fill out the form and mail it off. (I say acobat reader because that seems to be the most common way it's done. I dont see an export in publisher or a inport to acrobat. how can i make this happen You will need a third party program to create the pdf file. Adobe Acrobat but it's spendy or a freebee i.e., Primopdf or another commercial program of modest cost, i.e., PDF-XC...

put files together
Hi all, I have in a directory "summary" some 800 files with a number for a name, like 8, 23, 44, 124, 2045 up to somewhere in the 2500's. There is no list of all those file names. Each file is a workbook with only one sheet called "ABCD". I know that the last cell used will be a cell in column H. I also know that the content of that cell will be ==== (4 to 7 times =). Column H will contain text, blanks (empty cells), numbers and other characters (like f.i. =). The number of rows used will be at least 6 and could be as much as 200 or so (25 is typical). I need ...

Hide toolbars when file opens
Hi all, I have created a file for people to use to get quotes. When the file opens, I do not want them to have access to any toolbars. How can I hide these when the file is opened, but only for this file - not any others that the user may subsequently open. All that they may need to do, is print the page out after getting a quote. Many thanks. Rob You can use this in the Thisworkbook module Rob Private Sub Workbook_Activate() Dim bar As CommandBar For Each bar In Application.CommandBars bar.Enabled = False Next End Sub Private Sub Workbook_Deactivate() Dim bar As C...