Solved

Security groups require two, best approach.

Posted on 2006-12-01
6
195 Views
Last Modified: 2010-04-19
First. This site is really appreciated. As an IT Pro (better make that amateur) it's a must.
Elevated to first on my billing list when renewals come around.

Also a big thanks to Jeff from TechSoEasy for assistance with my last two questions.

I am trying to plan. Plan and Plan. Something that I see consistenlty in these pages.
I am about to implement SBS2003 Premium in a new client site.
They currently have 2 peer to peer networks lets call them A and B
Ulitmately it is one company with two divisions. Division A provides training services Division B the administration
In order to provide document security for each division my approach was to;

1. Create two new security groups A and B
2. Create two new shares, remove the everyone permission and add the appropriate security group.
3. Create the new users and add them to the appropriate security groups using the Add User Wizard.
Am I on the right track?

Thanks
Philip

PS. My only dlimena with this client is with faxing as they essentially have two inbound phone and fax numbers one for each division. Havent got to that hurdle yet.  Email is fine as same domain and I can create distribution groups to handle common email addresses.

 


0
Comment
Question by:Philip
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 9

Assisted Solution

by:DanKoster
DanKoster earned 125 total points
ID: 18059056
Sounds like the right track to me.  Remember that the security groups can be added to the templates so that the new users are automatically added to them.  

It also sounds like you haven't familiarized yourself with SharePoint.  It too can be secured via security groups.  I highly recommend Harry B's book at http://www.smbNation on Small Business Server 2003 as a great place to start learning SharePoint.  

Faxes shouldn't be a problem, just get two modems.  You can create rules so that each modem prints to a different printer or goes to a different e-mail address, folder, etc.  

Also FYI - Remember that Public Folders can have e-mail addresses as well (and can be secured to specific groups).  So if you have an Info@YourCompany.com, you could make that a distro group going to several people, or you make it a Public Folder so that people can check on it, see which ones have been read/addressed or need to be.

And if you just have more than one e-mail address for a specific person, you don't need a distro for that either, just add the address to the user on the e-mail addresses tab on the user properties.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18062017
Philip,

If you're getting paid for it, you're a Pro!  :-)

Anyhow... you're "almost" on the right track... at least until item 3.  If you are going to have two distinct classes of user accounts, then you should create a user template for each of those rather than manually making the assignments each time you add a user.  This willl ensure that users are configured properly every time.  There isn't really a Template Copy function, so you have to just build it from scratch.. but that's pretty easy to do.

I would concur with Dan's recommendation of SharePoint.  So, you may want to consider this instead of using NTFS shares.  In order to have users automatically put into specific SharePoint Site groups, you would just add the new User Template that you created as described above, as member of the particular Site, and then the add-user wizard will automatically add new users to that particular site.

In addition to Harry's Brelsford's book, (http://sbsurl.com/best) I also like Eriq Neale's...http://sbsurl.com/unleashed

Jeff
TechSoEasy
0
 

Author Comment

by:Philip
ID: 18062776
Thanks to both Dan and Jeff.
Dan I actually own a number of Harry's books so last night I went back to reading both of them (the Sharepoint chapters). It's amazing what you forget when your not using it everyday. It helped. I still think thats initially my client will be better off with standard NTFS shares but this gives me something to build on. As for the Faxes good point will look into it.
Jeff thanks for the advise on the templates as this is probably my solution. So I guess I will create two security templates from scratch.
This being the case as I understand it I should,
1. Create users first
2. Create new security groups second (and add users to each group with the wizard)
3. Create my NTFS shares.
4. Assign my security groups to they shares last.

Thanks
Philip

 
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 9

Expert Comment

by:DanKoster
ID: 18064732
Step 1 and 2 should be reversed.  

1.  Create the security groups.
1b.  Create the templates.  
2.  Create the users.  The Add User wizard will prompt for which template to use and if you did it right, your users will be part of the right security group as soon as they're created.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 125 total points
ID: 18065173
Well, I'd do it this way...

1.  Create the Security Groups in Stndard Management > Security Groups
2.  Create the Templates in Standard Management > User Templates
3.  Create the Shares and assign permissions to the Security Groups in Standard Management > Shares (Local)
4.  Creat the users with the Add-User wizard using the new templates in Standard Management > Users

(My point here is that you can and should do all of this from the Server Management Console).

FYI, after installing almost 100 SBS's, I still have Harry's book at my side during EVERY one.

Jeff
TechSoEasy
0
 

Author Comment

by:Philip
ID: 18067477
Thanks guys to you both.
I have just come onsite and now have the next three days to get everything setup. (which translates you maybe seeing more of my posts). I appreciate the time and effort it takes to respond to these posts. In this situation I have decided to split the points as you have both given me some valuable advice however I will leave this topic open for another 24 hours just in case.
Best wishes.
Philip

PS. I brought both of Harry's books with me :-) Just in case, besides you can only read so many hotel bibles.
PPS. Dan I went to your company website  http://www.ITforSmall.Biz it redirects to http://sharepoint.paperlesssolutions.org/ which doesnt work.


0

Featured Post

Ready to get started with anonymous questions?

It's easy! Check out this step-by-step guide for asking an anonymous question on Experts Exchange.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction At 19:33 (UST) on Tuesday 21st September the long awaited email arrived with the subject title of “ANNOUNCING THE AVAILABILITY OF WINDOWS SBS 7 PREVIEW”.  It was time to drop whatever I was doing and dedicate as much bandwidth as possi…
The SBS 2011 release date (RTM) is supposed to be around Christmas, 2011.  This article is a compilation of my notes -- things I have learned first hand.  The items are in a rather random order, but I think this list covers most of what is new and d…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question