Windows Server 2000/2003 Thread, Folder structure of user's home folders on the servers in Technical; Evening all,
We are hoping to move away from the older structure which we have used for many years of ...
26th July 2011, 08:47 PM #1
- Rep Power
Folder structure of user's home folders on the servers
We are hoping to move away from the older structure which we have used for many years of one share per user.
H: -> \\server\studentid$ (located d:\shared\users\students\<letter a-z>\<student-id>)
H: -> \\server\staffid$ (located d:\shared\users\staff\<letter a-z>\<staff-id>)
Where the security is set on the share level and NTFS permissions are everyone - full control.
The user and domain admins are granted access at the share level.
These are generated each day by an in-house developed system,which queries the MIS system for new enrolments.
To one share for staff and one share for students as follows:
And where the permissions are set at NTFS level (presumably using Owner/Creator to set the user permissions automatically).
I just wondered how many people are still using one share per user and how many are using the latter model?
And also, what structure you are using?
It's going to be quite a big job writing a script to move all accounts from the old setup to the proposed one.
After that we plan to use a program like Dovestone ,which will automatically create them in this format.
We have up to 7,000 accounts created in the academic year and these will be spread across 4 servers at the 4 College sites. I have a system which automatically moves home folders to the server at the site where they are most loging on at.
27th July 2011, 05:57 AM #2
Originally Posted by Bruce123
I use something similar to the latter and only redirect the documents folder. About 4,000 students and 600 staff members? The old method (shares for each user) was setup somewhere i worked before and it was a nightmare. Permissions should be locked down with NTFS - IMHO, that is the best and should be the only way to go. It is very precise.
\\fileserver\Student Directories\School Name\%username%\Documents
\\fileserver\public\Staff Directories\School Name\%username%\Documents
27th July 2011, 09:32 AM #3
We have gone for a structure like
It allows you to move servers with minimual hassle.
Staff and students have modify permission on there user area and staff have modify permision on student area so that they can access student work. You also dont have to upgrade students each year as they are in the same folder for all the time they are with you.
27th July 2011, 10:17 AM #4
I've also moved away from the share per user method, the only reason I could see for sticking with it was the software we had to create the user accounts, having sorted out another method(vbs script+CSV file) I much prefer sharing the root of the users directory.
I'd avoid putting all students into 1 big directory if I were you unless your usernames can be pinpointed to a year group easily, even so its much easier to move them around and see how much space a year group is taking up if they're split into intakes. Assigning each year group to an AD group then using the advanced option within the redirection GPO settings sorts out any redirection issues.
25th August 2011, 11:42 AM #5
Looks just like what we need to do as well, would be interested to see what script you ended up with to create the new user folders so they have the same permissions as if Windows auto-created them. In theory I guess it's setting the Owner on the folder correctly and then inheriting the rest from the root share?
25th August 2011, 12:31 PM #6
I use the same sort of method as ricki for my folder organisation. For sorting user permissions you can just script something like subinacl or use NTFSFIX from wisesoft which is easy to use. The only issue I found with NTFSFIX is you can't change the owner on the folder as well which you will need to do for quotas etc.
I have scripted the windows version of chown before and I am just about to look at subinacl to do a quick 3 line batch script as well. I have done 2 scripts recently that dealt with moving home folders. I did one last night that dealt with moving from one folder structure to another using robocopy, so this could maybe be altered for your need and the addition of the code for the permissions could be added as well.
I have a Powershell Script to set the owner of the folder to the name of the folder but you need to install the powershell community extensions then run a few commands just to give the permission to change the owner to someone who is not the current user or an administrator. It does work after that though honest
30th September 2011, 11:59 AM #7
- Rep Power
Talking about accounts creation and users rights, here is what I am working on.....
I worked the whole summer creating a script (vbs) to automatically create students accounts on our 2003 and 2008 servers.
I am successfully running a test version on 15 servers (about 15,00 students), and since the beginning of the year, I have not manually created a single account . Next year it will run on all our servers (approximately 50,000 students in 137 schools).
How does it work?
Twice a day, I get an export of the main student Information System database (SIS). The CSV file contains the information about students enrolled in each school.
The format of the export is: First Name, Last Name, Student #, Grade, Homeroom
The software exports the students already created on the server and compares it to the latest export from the SIS. It then generates the list of accounts to be created.
If a student doesn't exist on the server, it is automatically created and I am receiving a confirmation Email.
If a student exists on the server and is not anymore enrolled in the school, his account will be disabled (If he enrolls again, his account will be automatically re-enabled)
A log of students user names and passwords is automatically updated in the school admin share drive.
As a result, if a secretary enters a new student between 8 and 11:30am, the account is created at 12. If the new student is entered in the database after 11:30, the account is created at 8pm. This ensure that a student will have a server's account no more than 1/2 day after he register to a school.
This is only the beginning of a suite of applications.
The next addition will be to generate Email accounts.
The next phase (already started) is for the end of the year, to delete all the student accounts. The software is searching shared drives to delete files owned by students (This is to avoid having 1,000s of orphan files, delete the quota entries, user accounts and users home drives). We only keep a backup of the student home drives, and re-create new accounts every years.
The program runs on a scheduled task.
The user's creation script is running from August 1st to July 30, and the script to delete the 'old' accounts will run on July 30.
The whole suite should be ready around Xmas.
The goal is to have an auto management of student accounts. This will leave me more time to work on other projects.
Here is a link for a full view of the screen to generate the INI file for the software (It is flexible and have multiples options): http://hrsbstaff.ednet.ns.ca/bvogel/student-setup.jpg
Last edited by Bertv; 30th September 2011 at 12:35 PM.
By DaveP in forum Downloads
Last Post: 31st January 2010, 07:55 PM
By Stuart_C in forum School ICT Policies
Last Post: 3rd September 2009, 07:41 PM
By PiqueABoo in forum How do you do....it?
Last Post: 29th August 2009, 01:39 PM
By itschad in forum Wireless Networks
Last Post: 12th September 2008, 06:03 PM
By techyphil in forum Windows
Last Post: 27th March 2007, 07:53 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)