+ Post New Thread
Results 1 to 11 of 11
Windows Server 2000/2003 Thread, Altering Students Folders in Technical; Morning all, First off I apologise if this in the wrong section. As some of you know I've inherited the ...
  1. #1
    ninjabeaver's Avatar
    Join Date
    Jun 2005
    Location
    Norfolk
    Posts
    1,087
    Thank Post
    182
    Thanked 100 Times in 88 Posts
    Rep Power
    46

    Altering Students Folders

    Morning all,

    First off I apologise if this in the wrong section.

    As some of you know I've inherited the school network a little over a year ago. I've not done any work on the servers as such, but concentrated on bringing the infrastructure upto spec as it's been left for 6 years. I'm now in a position to start sorting out the servers to meet mine and more over the schools needs.

    That's where the problems start. My first task I want to do is sort out the students home directories. At the moment the students have to locate their own directory via My Computer - P Drive - Users and then find their own folder. I don't find this acceptable now.

    So, my question is what is the easiest method of organising the students into their own folders while retaining their permissions. E.G. I would like to use the current naming method so that student A (e.g. JDoe10) who finish their GCSE's in 2010 will be in a folder called Students2010. I then want that student to be able to access their own directory through the My Documents folder on the desktop (which if I remeber correctly is done through GPO, but I would like some help on that as well).

    Ultimately I want to hide the students folders from anyone browsing for it via the old method if possible as well, but that is not too urgent.

    Hope someone can help,

    Simon.

  2. #2
    Jamman960's Avatar
    Join Date
    Sep 2007
    Location
    London/Kent
    Posts
    987
    Thank Post
    185
    Thanked 194 Times in 156 Posts
    Rep Power
    45
    if you just copy and paste the folders into the correct locations it should keep the ACL's as they are, if not I'd setup a script to re-apply the correct perms. Then its a case of using GPO's to redirect to my docs etc - the way I've done it is to setup security groups for each year group then setup redirection based on the group ie any student within group Students2010 would have their my docs redirected to \\server\users$\students2010\%username%

    If the only access they have to their folder is via my docs they won't be able to see or access any folder below their own, this is also the case for mapped home drives.

    James

  3. Thanks to Jamman960 from:

    ninjabeaver (20th August 2009)

  4. #3

    3s-gtech's Avatar
    Join Date
    Mar 2009
    Location
    Wales
    Posts
    2,697
    Thank Post
    143
    Thanked 542 Times in 486 Posts
    Rep Power
    148
    Go to Group Policy, set up a new GPO or alter the existing setup -within the GPO go to User Configuration, Redirected Folders, My Documents. Right click this, and set up the redirection as 'Basic', with 'Create a folder under the root path'. Set this path as the root location (for each year group) with the user profiles in. This should link the students to this location, as long as the folders have the same name as their login. Then set permissions on the root folder, so the students don't have read access to it, but still have read/write to their own directories (NTFS fix program for this).

  5. Thanks to 3s-gtech from:

    ninjabeaver (20th August 2009)

  6. #4

    Join Date
    Nov 2007
    Location
    Rotherham
    Posts
    1,675
    Thank Post
    122
    Thanked 126 Times in 102 Posts
    Rep Power
    45
    Ok. First off what flavour of server are you running?
    I would start by craeting a folder (called "students2010" for want on a better name) on the server and moving all the student's own home directories into it. I would have this on it's own partition so that you can enable disk quota's without effecting anything else.

    Share the student2010 folder with whatever name you want but make sure that you put the dollar ($) as the last character to hide it so that people cant browse to it. (If you are using 2003 server change the share permissions so that your uses have at least "change" permissions as the default is read only)

    Set the permissions on the folder so that only domain admins and the system have access.

    Now I can't remember if some of the following commands are in 2000 server but if not they should be downloadable from microsoft's website. It also requires a little bit of scripting skill, though not much. A list of users/folders and some Excel skill will allow you to create some batch files very quickly to do this in baulk.

    use the windows command "subinacl" to set the folders permissions for each user.
    Approximate syntax: subinacl /file e:\students2010\<FolderName> /grant=<DomainName>\<Username>=c

    Use the windows command "dsmod" to change the users home directory (I THINK this it 2003 only)
    Approximate syntax: dsmod user "CN=Don Funk,CN=Users,DC=Contoso,DC=Com" -hmdir \\<serverName\ShareName\FolderName\ -hmdrv <DriveLetter> Check this and do some reading on the command before using it.

    Then use GP to re-direct the MyDocuments to the users home folder.

  7. Thanks to Stuart_C from:

    ninjabeaver (20th August 2009)

  8. #5
    rh91uk's Avatar
    Join Date
    Sep 2008
    Location
    UK
    Posts
    871
    Thank Post
    137
    Thanked 132 Times in 114 Posts
    Rep Power
    35
    Quote Originally Posted by Stuart_C View Post
    Use the windows command "dsmod" to change the users home directory (I THINK this it 2003 only)
    Nope - works on 2k8 and 2k8 r2 aswell :-). Just used it to add an employee ID to all our new users from SIMS.

  9. Thanks to rh91uk from:

    ninjabeaver (20th August 2009)

  10. #6
    ninjabeaver's Avatar
    Join Date
    Jun 2005
    Location
    Norfolk
    Posts
    1,087
    Thank Post
    182
    Thanked 100 Times in 88 Posts
    Rep Power
    46
    Sorry all. It's Vanilla Server 2003.

  11. #7

    Join Date
    Nov 2007
    Location
    Rotherham
    Posts
    1,675
    Thank Post
    122
    Thanked 126 Times in 102 Posts
    Rep Power
    45
    Quote Originally Posted by Jamman960 View Post
    if you just copy and paste the folders into the correct locations it should keep the ACL's as they are, if not I'd setup a script to re-apply the correct perms.
    Just so you know. If you move/copy the folders on the same drive they will keep their ACL's. If you move them to a different drive you will loose the ACL's

  12. 2 Thanks to Stuart_C:

    Jamman960 (20th August 2009), ninjabeaver (20th August 2009)

  13. #8

    Join Date
    Nov 2007
    Location
    Rotherham
    Posts
    1,675
    Thank Post
    122
    Thanked 126 Times in 102 Posts
    Rep Power
    45
    Quote Originally Posted by rh91uk View Post
    Nope - works on 2k8 and 2k8 r2 aswell :-). Just used it to add an employee ID to all our new users from SIMS.
    Yeah I relised that after I posted but as we're in the 2000/2003 forum I couldn't be bothered to change it.

    Perhaps I should have said "2003 or above"

  14. Thanks to Stuart_C from:

    ninjabeaver (20th August 2009)

  15. #9

    Join Date
    Nov 2007
    Location
    Rotherham
    Posts
    1,675
    Thank Post
    122
    Thanked 126 Times in 102 Posts
    Rep Power
    45
    Quote Originally Posted by ninjabeaver View Post
    Sorry all. It's Vanilla Server 2003.
    That's fine. Everything I mentioned should work. It's what' I'm using.

  16. Thanks to Stuart_C from:

    ninjabeaver (20th August 2009)

  17. #10
    mortstar's Avatar
    Join Date
    Jan 2007
    Location
    Oxford
    Posts
    341
    Thank Post
    12
    Thanked 29 Times in 18 Posts
    Rep Power
    21
    Quote Originally Posted by Stuart_C View Post
    Just so you know. If you move/copy the folders on the same drive they will keep their ACL's. If you move them to a different drive you will loose the ACL's
    You can move folders via NTBackup to retain ACLs.

    Also rather than use the 'end date' (2010) to separate year groups, I would use their intake year as this is a solid date as opposed to the 'end date' which could change in the future. It is common to be near-sighted and think that the status quo will always be that the students have a 5-year career in the school but this might not always be the case.

  18. Thanks to mortstar from:

    ninjabeaver (24th August 2009)

  19. #11

    Join Date
    Nov 2007
    Location
    Rotherham
    Posts
    1,675
    Thank Post
    122
    Thanked 126 Times in 102 Posts
    Rep Power
    45
    Not sure it matters either way does it as long as the person in question understands what they are doing and how their groups work (and presumably all the students in the same year are in the same group).

    For reference however I personally feel that year of entry is better. But I do have to "Back Date" those who enter in the Lower 6th or any other middle year in the school.

  20. Thanks to Stuart_C from:

    ninjabeaver (24th August 2009)

SHARE:
+ Post New Thread

Similar Threads

  1. altering twittermailphp script
    By russdev in forum Web Development
    Replies: 2
    Last Post: 3rd August 2008, 09:56 AM
  2. Replies: 1
    Last Post: 2nd July 2008, 04:20 PM
  3. Problem deleting lots of folders within folders
    By sradams1977 in forum Windows
    Replies: 11
    Last Post: 13th March 2008, 05:25 PM
  4. Altering music information
    By FN-GM in forum General Chat
    Replies: 4
    Last Post: 27th December 2007, 10:47 PM
  5. Replies: 1
    Last Post: 17th February 2007, 05:28 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •