From: Grant Taylor on
On 06/04/10 11:56, Silvester wrote:
> As for the NAS/SAN, we have some experts here that can give me advice
> on which route to go. I want to turn this fileserver into an ESX
> server to cluster with our other ESX which is why I'm looking into
> shared storage and virtualizing the server.

*nod*

In that case, you would most likely want your ESX guest VMs to access
their disks via a SAN of sorts. That way the guest VM can be running on
any ESX node and still access its (the VM's) own disk without a problem.



Grant. . . .
From: Leythos on
In article <Silvester.4c1e9b(a)DoNotSpam.com>,
Silvester.4c1e9b(a)DoNotSpam.com says...
>
> Hi all,
>
> We are currently running a Win2k3 server running our DNS, AD, DHCP and
> Fileservices. Our CTO does not like the way our file system is set up
> and is looking for new solutions. Some of his issues are Security,
> Difficulty finding documents - including those of employees that have
> left where you can't ask the person where they put something, along with
> some structural issues as in seeing folders staff doesn't have access
> to.
>
> Some solutions that came to mind were using an encryption software such
> as PGP for certain folders such as the Management etc.
>
> For search problems, someone has suggested getting a Search Engine and
> putting it on top of the filesystem, one that will search at the
> document content level.
>
> The filesystem structure in my opinion can be solved easily by not
> sharing at the root folder level and sharing at the department level
> (account has access to and sees only those folders etc), right now it's
> shared at an upper level and all different departments are visible but
> access denied to some.
>
>
> There is also talk of putting everything into a SharePoint type
> system.
>
> Do you guys have any suggestions?
>
>
> I'm also looking into getting a shared storage device, SAN or NAS not
> sure yet and virtualizing the DHCP/DNS/fileserver.

SBS 2008 would be the first place to start, if you're smaller than 75
users.

When I set up networks for a company I create default shares:

\\servername\Accounting
\\servername\Business
\\servername\Common
\\servername\Public
\\servername\Projects
\\servername\Departments\department_a
\\servername\Departments\department_b
\\servername\Departments\department_c....
\\servername\Utilities

Each share\area is assigned a Security Group that only permits
access to that area based on membership - if you're not a member then you
will get an access denied error.

In some cases we have created Read Only security groups (which means you
need to create a RWED group to complement it):

SGP_SHARE_ACCOUNTING_RWED
SGP_SHARE_ACCOUNTING_RONLY

With this method we've been able to pass every security audit at every
company.

NEVER apply permissions for a user, only for groups - and you may need
to explicitly deny "take ownership" and deny "change permissions".


--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself.
spam999free(a)rrohio.com (remove 999 for proper email address)
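
An added example, not part of Leythos's post or anyone else's in the thread: a PowerShell audit of the group-only convention described above, flagging explicit ACEs that are not `SGP_SHARE_*_RWED` / `SGP_SHARE_*_RONLY` groups, groups allowed "take ownership" or "change permissions", and read-only groups holding write rights. The `CONTOSO` domain, the `jsmith` account, the `BUSINESS` groups, the built-in allow-list and the function names `Test-ShareAce` and `New-Ace` are assumptions made for illustration.

```powershell
# Added example; domain, account names and the allow-list are constructed assumptions.
$BuiltIn = 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators'   # assumed allow-list
$Risky = [int][System.Security.AccessControl.FileSystemRights]'TakeOwnership, ChangePermissions'
$Write = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles'

function Test-ShareAce {
    param([string]$Path, [System.Security.AccessControl.FileSystemAccessRule[]]$Rules)
    foreach ($ace in $Rules) {
        $id = $ace.IdentityReference.Value
        if ($BuiltIn -contains $id) { continue }
        $name    = ($id -split '\\')[-1]           # strip the DOMAIN\ prefix
        $rights  = [int]$ace.FileSystemRights
        $finding = $null
        if ($name -notmatch '^SGP_SHARE_\w+_(RWED|RONLY)$') {
            $finding = 'not a share security group (possible per-user grant)'
        }
        elseif ($ace.AccessControlType -eq 'Allow') {   # Deny ACEs are never a finding
            if ($rights -band $Risky) {
                $finding = 'allowed TakeOwnership and/or ChangePermissions'
            }
            elseif ($name -like '*_RONLY' -and ($rights -band $Write)) {
                $finding = 'read-only group holds write or delete rights'
            }
        }
        if ($finding) {
            New-Object PSObject -Property @{ Path = $Path; Identity = $id; Finding = $finding }
        }
    }
}

# Hypothetical helper that builds an ACE without resolving the account name.
function New-Ace([string]$Id, [string]$Rights, [string]$Type = 'Allow') {
    New-Object System.Security.AccessControl.FileSystemAccessRule($Id, $Rights, $Type)
}

$sample = @(   # constructed ACEs chosen to hit each rule, not from a real server
    (New-Ace 'CONTOSO\SGP_SHARE_ACCOUNTING_RWED'  'Modify'),
    (New-Ace 'CONTOSO\SGP_SHARE_ACCOUNTING_RONLY' 'ReadAndExecute'),
    (New-Ace 'CONTOSO\SGP_SHARE_ACCOUNTING_RWED'  'TakeOwnership, ChangePermissions' 'Deny'),
    (New-Ace 'CONTOSO\SGP_SHARE_BUSINESS_RWED'    'FullControl'),
    (New-Ace 'CONTOSO\SGP_SHARE_BUSINESS_RONLY'   'Modify'),
    (New-Ace 'CONTOSO\jsmith'                     'Modify')
)
Test-ShareAce '\\servername\Accounting' $sample | Format-Table Path, Identity, Finding -AutoSize
# Against a live folder, feed it the explicit ACEs instead of $sample:
#   $p = '\\servername\Accounting'
#   Test-ShareAce $p ((Get-Acl $p).Access | Where-Object { -not $_.IsInherited })
```

`Get-Acl` can report generic access rights as raw numbers on some ACEs; the bit masks here do not decode those, so review such entries by hand.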
From: Phillip Windell on

"Silvester" <Silvester.4c1e9b(a)DoNotSpam.com> wrote in message
news:Silvester.4c1e9b(a)DoNotSpam.com...

> We are currently running a Win2k3 server running our DNS, AD, DHCP and
> Fileservices. Our CTO does not like the way our file system is set up
> and is looking for new solutions. Some of his issues are Security,
> Difficulty finding documents - including those of employees that have
> left where you can't ask the person where they put something, along with
> some structural issues as in seeing folders staff doesn't have access
> to.


Good concerns except, "issues as in seeing folders staff doesn't have
access to"

Forget that... it is meaningless. Knowing that a folder exists does not mean
it is accessible and it is completely pointless to haggle about that. In
addition to that it may be a *good* thing in the event that an employee
might have a legitimate need to access the folder and if they can see that
it exists but can't get into it, then it presents an opportunity for the
employee to approach management to get the permissions opened up to them.
But if they did not know it existed then they would never have known what to
ask for.


--
Phillip Windell

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.