[Webinar] Streamline your web hosting managementRegister Today


User\Department Storage

Posted on 2004-10-21
Medium Priority
Last Modified: 2010-04-03
Looking for best practices.!!!

I have been tasked to redesign our Department and User home shares.  Here is our current setup:

 |____ Users Volume (each user folder is secure to the individual user)
 |          |_ User1
 |          |_ User2 ...
 |____ Department Volume
            |_ Department1 (each folder under department inherits permissions allowing all dept. users access)
            |_ Department2 ...

We map drive (U:) to each individual home folder and map (T:) to the department they belong.  Pretty straight forward.  

The users volume has not been an issue since we have applied quotas on that volume which restrict the users home directories to 500MB.  Where I have to really re-think is the department shares.  Here is my problem:

If I have a department called DEPT1 with 200 users, each user will get the mapping of T:.  Within that mapping all users have modify rights which allows pretty much everything (-permission change).  We have users creating folders all over the place and are saving, let's say "non-business" related files.  They do this because they have quotas on their user folders and they also need to share files with others.  Now, granted, we have created some folders for them and restricted it to a specific groups so others within the department can't access.  So all in all, a real mess.  I need to clean this up and put into place policies of how this department storage is managed.  

My thoughts are this:

1. Restrict folder creation at the root (T:) level
 - this will be done by our support staff via support request

2. Place quotas on newly created folders (3rd part application)
 - each newly created folder will have an allocated quota

3. Create a standard folder naming convention
 - each folder will have a consistant naming convention that will make managing the folder much easier

4. Alerts
 - setup alerts on each folder so users can receive notifications when their space is filling up

5. Security
 - each folder will be secured.  if the folder is not to be shared within the department, specific security groups will be created  and applied to the folder

6. Create a new folder at the root for cross department shaing
 - a new folder will reside at the root of T:, which will be mapped (S:) to goups that need to share across departments
 - all above policies apply to newly created folder within this shared department folder
 - all folders within this cross department share will be secure via group membership

Please take a look at my senerio and comment.  I really value the imput from the experts from this site.  

Question by:mchristo63
  • 5
  • 3
  • 2
  • +1
LVL 97

Accepted Solution

Lee W, MVP earned 1500 total points
ID: 12373670
I would suggest offloading the issue to the users.  For example, designate one user (or have the department head designate the user) who will monitor usage.  If they see "suspect" files, make them responsible for policing.

Now, you can generate scripts that locate "bad" files, such as mp3s and the like and generate a report.  You can further script things to indicate who the owner of such files are and "report" the owner to their department head.

I think if you are going to try to manage folder creation for users, you're going to have a nightmare of a time doing it.

If you're able to use a third party application for quotas, then do so and assign quotas to groups too.  When a group complains of a lack of disk space, the first thing you do is validate their files.  THEN you increase their space.  

Author Comment

ID: 12373711
good suggestions.

Not sure if designating a department user to police the activity will work.  Most likely it will fall upon myself.  
LVL 97

Expert Comment

by:Lee W, MVP
ID: 12373737
I use to manage a similar situation.  Another thing, you can run reports of how much usage each group does and contact the department heads of the groups using "too much" space.  I used to manage this at a lab environment - very difficult to manage.  We allocated xGB to each lab and those that exceeded it (no actual quota software used on the group end) were asked to purchase their own space - or had to pay more in annual IT costs.
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

LVL 97

Expert Comment

by:Lee W, MVP
ID: 12373744
Because you also have to think about backup, and how much space they are going to need there - typically NIGHTLY.

Author Comment

ID: 12373776
Backup is covered.  

Expert Comment

ID: 12374306
Have you thought of automatic restriction of certain file types, eg: mp3. I've made it on my servers so that as soon as any media file is written (*.mp3, *.avi, *.mov), they are instantly deleted. (My users hate me mind you and have gotten pretty clever with encrypted zips... oh wait, if I cant read it... buh bye!) lol


Author Comment

ID: 12374336
Yes.  I can do that with the 3rd party quota app we will use.

Expert Comment

ID: 12374541
Mind if I ask which quota app that is? I had to write a file scanner for my linux server... bbut I'd like to do the same on my windows machines.

Author Comment

ID: 12374565
Veritas StorageCentral
LVL 18
ID: 12393696
Do you have any policies in place??  What I mean is are there any acceptable use policies or guidelines in place?  For example, I created a policy that says that only user specific files may be kept in the User folders and only Work related in the departmental directories.  We also have a policy about loading up software that is not provided by the company and about what is acceptable use of the PC's, like No Games or Downloads from the Internet.

I believe in the Kiss Method.  Wouldn't it be better to stop or prevent the users from loading things where they should not be by having them take the responsibility?

Create some good general policies and have the higher Up's buy into it.  Make sure the consequencies are spelled out as well.  Just one license violation can cost the company over $300,000 or $400,000 in fines if they are caught and prosecuted.  Then implement the policy and you should have users starting to police themselves.  If they don't then there is action that can be taken against the offenders.

I like your points 1,3,5 and 6 and use them as well.  I don't use quota's on departmental directories as the policies take care of that hassle, so any low space alerts aren't needed for me.


Author Comment

ID: 12399796
So, in your experience, how does it work for you restricting the creation of folders in a Department share.  I have about 1200 users, and all reside in different department.  Restricting folder creation is a great idea, but I am worried about the overhead and the possible "I need a folder now" senerio from top brass.  


Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: evilrix
Looking for a way to avoid searching through large data sets for data that doesn't exist? A Bloom Filter might be what you need. This data structure is a probabilistic filter that allows you to avoid unnecessary searches when you know the data defin…
Among the most obnoxious of Exchange errors is error 1216 – Attached Database Mismatch error of the Jet Database Engine. When faced with this error, users may have to suffer from mailbox inaccessibility and in worst situations, permanent data loss.
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This Micro Tutorial will teach you how to reformat your flash drive. Sometimes your flash drive may have issues carrying files so this will completely restore it to manufacturing settings. Make sure to backup all files before reformatting. This w…
Suggested Courses
Course of the Month10 days, 22 hours left to enroll

612 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question