?
Solved

Folder Sharing Right Approach

Posted on 2006-03-26
9
Medium Priority
?
256 Views
Last Modified: 2012-05-05
We have a network (LAN) of around 100 PCs connceted together under a same WorkGroup . Many times PCs user are required to Share their Folders with their other departmental users . To share Folders earlier we allowed the users to Share Folders using NetBui protocol . But this resulted into following problems :
a) Netwrok Traffic increased very high . While analysing the Network Traffic we found there was huge network traffic for UDP data pacakets .
b) If we run netwatch command on PC then found that many users are connected to the individual desktop
c) It also created Virus related issues . Although we had installed Trend-Micro officescan on the Desktop .

Looking into these we had stopped Folder Sharing .

Kindly guide us that what is the right method for Sharing the folders .As it is very much required to our users .

Rgds
B Mittal

0
Comment
Question by:bvmittal
  • 4
  • 2
7 Comments
 
LVL 5

Accepted Solution

by:
The_IT_Garage earned 1000 total points
ID: 16297786
As you found NetBEUI is very "chatty", changing your default protocol to TCP/IP will improve things immensely!

What Operating systems are the desktops? Do you have a server you can tun on DHCP (automatic IP addressing?) If so, use that (DHCP is easy to confgure, you can ask here). If you don't have a server (I assume you don't since you're a workgroup).

If they can currently hit the Internet go to one PC and hit START...RUN.. type CMD hit <Enter> then type IPCONFIG /ALL and note the DNS server IP address(es) and the default gateway address - the DNS and gateway addresses would be the same for all PC's. You're PC's should be in the same subnet as the default gateway. (for arguments sake we'll say your defaul gateway is current 192.168.0.1)

Change your network protocol to TCP/IP, give each PC a unique IP address (192.168.0.10    192.168.0.11, etc), use a subnet mask of 255.255.255.0 (same for all PC's) and

Sample config:
PC #1
TCP/IP address: 192.168.0.11
Subnet mask: 255.255.255.0
Default gateway: 192.168.0.1
DNS: 68.125.32.3

PC #2
TCP/IP address: 192.168.0.12
Subnet mask: 255.255.255.0
Default gateway: 192.168.0.1
DNS: 68.125.32.3

etc..

Additionally you should have NTFS file systems on these PC's, if they are FAT32 for any reason convert then to NTFS (you can do this w/out losing data). Then set security on each shared folder to only allow specific users access instead of having them wide open.
0
 
LVL 11

Assisted Solution

by:Renato Montenegro Rustici
Renato Montenegro Rustici earned 1000 total points
ID: 16302651
With 100 workstations its time for a server technology. There are too many user databases and folder to mantain. I'll try to give you the general guide lines:

1. Install Servers.

You can start with 3 servers. 2 of them can be a PIII with 512 RAM and enough space to run Windows 2000 or Windows 2003, Active Directory, DNS and DHCP. You need 2 to have some redundancy. On this computer you will create users and groups and manage them from this single point.

The 3th one will be your file and print server. It has to be plenty of disk space. A P4, 512MB or 1GB RAM can do the job quite well. On this server, you will copy all useful user files (files that need backup).

2. Join workstations to the domain

Once your server's environment is ready, you can start to join the user's computers to domain. Now, they can be managed from any point of network.

Finally, dont try to manage your network the way you are doing today. You will need a server technology.
0
 
LVL 5

Expert Comment

by:The_IT_Garage
ID: 16306029
rmjustice is right, time for a server or two.

If you go this route the File & Print server should not just be a desktop but a proper server: drives with RAID 5 (hot swappable). Raid 5 allows a drive to die without any data loss/down time.

To save money on hardware/software you can get by with two servers - on as the domain controller / DHCP server the other can be the other domain controller as well as the file/print server, (this would save you the hardware for it and the $500 or so for a Windows 2003 Server license). Of course then you need to set up / have someone set up Active Directory, DNS and DHCP for you but in the long run you will save an immense amount of time as all your shares and files will be in once place for administration and easse of backup.

Also sharing from the server will prevent anyone from accidentlaly sharing their desktop or other unintended share.
0
Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

 

Author Comment

by:bvmittal
ID: 16307486
Thanks  rmrustice for the nice recommendation .
My problem is that I have never configured Active Directory / DNS /DHCP and File Server . May I request you to please suggest the guideline for doing this else suggest me some good text book to refer please .

Regards
B Mittal
0
 
LVL 11

Expert Comment

by:Renato Montenegro Rustici
ID: 16309516
You are welcome.

Well, its not such an hard task, but its recommended to have some official Windows classes (Microsoft Official Curriculum). But I'll try to give you the general guidelines:

1. Plan your DNS and DHCP beforehand.

Make sure that your network setup is fine and that your clients can receive automatic IP address with the correct options (which you setup inside DHCP Manager), like Default Gateway, DNS Servers addresses and Domain name (DNS domain name). Make sure yours servers have static IP Addresses (non DHCP).

for DNS, never setup a top level domain, like "mydomain", but choose a regular domain like "mydomain.corp" or "mydomain.com". Create a foward (name to IP) and a reverse zone (ip to name). Enable automatic update of DNS records. From prompt, test your configuration with NSLOOKUP utility.

2. Run DCPROMO at server

Now that your network infrastructure is fine, you can promote your regular server to an Active Directory model. Run DCPROMO from command prompt or Start/Run and follow the wizard. Choose all settings that tell "New". New domain, new forest, new everything. On the domain name, write your DNS domain name "mydomain.com". Complete the wizard and reboot. Now, you have an AD.

4. Create users and groups

On your new AD server, open Active Directory Users and Computers and create users and groups. You can create them on the folder "Users". Later, you'll find another interesting concepts like OUs and so on. But now, do the simple.

4. Join your computers do domain

Log in as a local administrator. Right click "My Computer" and go to the computer identification. Change from a Workgroup to Domain and type your full DNS domain name "mydomain.com". Give the username to your users and let him log on to the new domain. You must change the combo box in the login screen to match your domain name.

5. Copy sensitive data to the server

Now that everything is up and running, start copying user data to the file server and setting up the apropriate permissions to users and groups.

That's the general guidelines. You can look for those terms in google or just come on here and ask up in each step. It you be a pleasure to help.

Best regards.

 
0
 
LVL 5

Expert Comment

by:The_IT_Garage
ID: 16310500
I realize this was to be general general but don't forget to share the folders you've copied to the server and set permisisons on the shares. When it comes to that let's say you have a C: and D: drive on your server. On the D: drive create a folder called \SHARED   Copy the files/ folders to be shared to the \SHARED folder. While there are many ways to structure your shares, here's an example

D:\SHARED
D:\SHARED\ACCOUNTING
D:\SHARED\NEWBUSINESS

Then you can create a login script called LOGIN.BAT (or any name you'd like) and it's contents would be:
@echo off
net use S: \\<SERVERNAME>\SHARED

Then in each Active Diretory user profile make sure you put "LOGIN.BAT" in their PROFILE tab where it says "Login script"

Then each user would have an S: drive (S for shared!) and on that they would see many folders. You would set up permissions on each folder under \SHARED that you want to restrict access to.  For \SHARED itself I would leave the permission open so a user could create a new folder on their S: drive.

Alternately you could share just \ACCOUNTING and have that mapped for the Accounting dept, share \HR and map that just for the HR dept, but if that as the case your directory structure should look like:

D:\SHARED            <------- share this - everyone gets this mapped, i,e. S:
D:\HR                    <------- share this - only HR gets this mapping, i,e. R:  
D:\ACCOUNTING    <-------- share this - only accounting gets this mapping,  i,e. T:

The reason not to keep \HR and \ACCOUNTING under \SHARED is everyone wll see the \HR and \ACCOUNTING folders even if they don't have access to it (you can actally *hide* them but that effort gets complex and tough to troubleshoot later), if it's not under \SHARED then only the mapped departments will even know those folders exist. The reason I have HR and Acccounting examples as different drives you never know if someone might need both R: and T: mapped, so a division president might have R: S: and T: drives, while a mere accountant would have just S: and T:

Another convention I use is having a D:\INSTALL folder and I map users' I: drive (I for Install) so I now have a central installion point to copy installation CD's to it (MS Office, Acrobat Reader, etc). For I: you give users Read Only.

For users' home directories I assign the letter H: (for home). This can be set at each users' Active Directory profile or the login script.

How you initially set up your directory structure and shares will have a huge effect on how much effort it takes to administer the shares later.
0
 
LVL 5

Expert Comment

by:The_IT_Garage
ID: 16437773
Any update on this?
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question