Folder Structure - Best practice???

J

John

Can anyone share how they've setup their corporate folder structures?
I'm looking for ideas on how to simplify and reduce administrative
overhead. Userfolders, Departmental folders, shared areas, etc.
thanks in advance.
 
L

Lanwench [MVP - Exchange]

John <roundsjr@gmail.com> wrote:
> Can anyone share how they've setup their corporate folder structures?
> I'm looking for ideas on how to simplify and reduce administrative
> overhead. Userfolders, Departmental folders, shared areas, etc.
> thanks in advance.

It's hard to say, given that companies have different needs. Some companies
want to all users to share/access everything - some want departments and
groups to have only their own folder.

As far as simplified administration is concerned, it's got more to do with
your AD group structure than the file/folder hierarchy on your server,
really. Do stuff with groups (not users) and keep things simple. You can
nest AD security groups within other groups, remember.

Here's an example ....

1. Home directories (\\server\home$\%username%)
2. Management folder (\\server\management$)
3. Accounting folder (\\server\accounting$)
4. General shared data folder (\\server\shared$)
5. Software images,drivers, etc (\\server\distrib$)

On the server, that might look like

E:\Data
|--Home
|--Management
|--Accounting
|--Shared
|--Distrib

Share security = everyone, full control

Folder-level security is via AD groups.
I disable inheritence on the E:\DATA folder so everything's customized per
folder.
Administrators & system have full rights to everything.
I don't use Domain Users for anything I create Companyname Users for
general permissions, and Companyname Management, Companyname Accounting, as
security groups...and the most any of those ever get is Modify (and for the
distrib folder, read&execute only).

Your mileage may vary, but the above has worked for me, for years.

The only general piece of advice I can give is, don't set up shares/folders
that have different security requirements on their subfolders. E.g., don't
get into the business of denying access to S:\Subfolder1 and S:\Subfolder2
if the whole company has access to the S/parent drive. It can quickly become
a nightmare.
 
J

John

On Jul 24, 3:56 pm, "Lanwench [MVP - Exchange]"
<lanwe...@heybuddy.donotsendme.unsolicitedmailatyahoo.com> wrote:
> John <round...@gmail.com> wrote:
> > Can anyone share how they've setup their corporate folder structures?
> > I'm looking for ideas on how to simplify and reduce administrative
> > overhead. Userfolders, Departmental folders, shared areas, etc.
> > thanks in advance.
>
> It's hard to say, given that companies have different needs. Some companies
> want to all users to share/access everything - some want departments and
> groups to have only their own folder.
>
> As far as simplified administration is concerned, it's got more to do with
> your AD group structure than the file/folder hierarchy on your server,
> really. Do stuff with groups (not users) and keep things simple. You can
> nest AD security groups within other groups, remember.
>
> Here's an example ....
>
> 1. Home directories (\\server\home$\%username%)
> 2. Management folder (\\server\management$)
> 3. Accounting folder (\\server\accounting$)
> 4. General shared data folder (\\server\shared$)
> 5. Software images,drivers, etc (\\server\distrib$)
>
> On the server, that might look like
>
> E:\Data
> |--Home
> |--Management
> |--Accounting
> |--Shared
> |--Distrib
>
> Share security = everyone, full control
>
> Folder-level security is via AD groups.
> I disable inheritence on the E:\DATA folder so everything's customized per
> folder.
> Administrators & system have full rights to everything.
> I don't use Domain Users for anything I create Companyname Users for
> general permissions, and Companyname Management, Companyname Accounting, as
> security groups...and the most any of those ever get is Modify (and for the
> distrib folder, read&execute only).
>
> Your mileage may vary, but the above has worked for me, for years.
>
> The only general piece of advice I can give is, don't set up shares/folders
> that have different security requirements on their subfolders. E.g., don't
> get into the business of denying access to S:\Subfolder1 and S:\Subfolder2
> if the whole company has access to the S/parent drive. It can quickly become
> a nightmare.

Great reply... thanks for your time!
 
You must log in or register to reply here.

Similar threads

K
  • Article
Manufacturing for tomorrow: Microsoft announces new industrial AI innovations from the cloud to the factory floor
Replies
0
Views
93
Kathleen Mitford, CVP, Global Industry
K
J
  • Article
How Copilots are helping customers and partners drive pragmatic innovation to achieve business results that matter
Replies
0
Views
18
Judson Althoff
J
P
  • Article
Unlock a new era of innovation with Windows Copilot Runtime and Copilot+ PCs
Replies
0
Views
85
Pavan Davuluri
P
M
  • Article
Microsoft Edge: Your AI-powered browser, innovating for businesses and developers
Replies
0
Views
190
Microsoft Edge Team
M
J
  • Article
The era of AI: How the Microsoft Cloud is accelerating AI transformation across industries
Replies
0
Views
219
Judson Althoff, Executive Vice President and
J
Back
Top Bottom