From my previous blog post, I have discussed on how to implement File Server Resource Manager on windows server 2016 (here). Also we have discussed how to create and configure quota, configuring file screening and generating reports. After implementing file server, many people face the problem of how to map the file server resource (share folder) to the users. From this post let’s discuss on implementing share folders and mapping them to individual users or groups of users with shared access.
Continuing with previous post I’m using the Windows Server 2016 File Server Resource Manager in a domain environment to configure share folders.
Most IT departments are willing to provide a centralized location to save users valuable data in order to minimize the risks of saving them in users computers. Local saving locations such as PC’s or Laptops can be compromised by a third party or user might accidently delete them and there might be no backups taken to recover. While managing these data in centrally, organizations can make sure data is available with regular backups and secured from a third party. But when managing data centrally, data should be secured and should not be able to access by users other than the owner. Also these data should be in a place that easily access to the user without much hassle.
In Active directory environments, there is an option called Home Folders. Home folder is a folder created with the user’s SamAccount name and only accessible to the particular user other than the domain admin. First you have to create the share location in the file server with the relevant permissions.
Following step by step approach can take to create the share folders and publish them using Home Folder option in Active Directory.
There are situations you have to map multiple drives to users other than the home folder. In old days, you have to place a logon script on each machine to archive this. But with Windows Server 2008R2 and above you can do this by Group Policies. Also this share or drive can be mapped to a security group with item targeting.
Before creating the GPO, create the share folder according to the above steps. Then
Note – Sometimes you may need to target the Drive to a security group without considering the OU. This is called item level targeting, follow the steps from point 5
Hope this post is useful