Versions Compared

Old Version 16

changes.mady.by.user user-7ea28

Saved on

compared with

New Version Current

changes.mady.by.user user-29411

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Excerpt

As of 5/18/16, completed about one year ago, for all practical purposes.

See also

The below is available mostly for historical purposes

Last know question

Q: What is the measure of success/ completion? Is it reduced need for EZ-Backups?

Topic

The Physics department gets

...

free file

...

storage on A&S's file server, which

...

PhysIT has set up. How can

...

this file share server represent utility to Physics Admin staff?

  • Departments can use file storage servers (file servers) to more efficiently store, and optionally share

...

  • , folders and files. As compared to emailing files around, for example.

Notes

  • But as with any change in workflow, conventions may need to be discussed and agreed on, and new skills and habits developed.
  • When and if it's a "go" per Physics's decision, PhysIT can make this server "drive" appear automatically on Windows computers so it becomes easily available on staff computers. This is almost immediate, once committed, via Active Directory (AD) policy.
    • Roger is working with Greg at A&S to set up the space (as of 11/15), in anticipation that this service will prove of value to Physics. This can easily be reversed if a "no go", of course.

    November 2014

    Phase one: Shared folders

    Synonyms: Folders == directories.

    Conventions used among staff will limit actions not necessarily enforced by the permissions.

    Goal: Reduce complexity to reduce mistakes and facilitate debugging, balanced with ensuring security and adequate access.

     

    Groups

    Group name: PhysAdmin

    Sub-group nameNetIDsMembers

    Management

     

    jcm8

    dah6

    John Miner

    Deb Hatfield

    Businessnbs4Nancy Searles
    Gradklb79Kacey Acquilano

    Staff

    Individual group members

    klb79

    rjf2

    sfc1

    ?

    Kacey Acquilano

    Rosemary Barber

    Sue Sullivan

    Brad (temp)

    Folders and permissions

    Top Level

    Directory

    		Folder namePrimary directory (folder)
    owner(s) (NetID)    		Full folder access, by
    group or individual (NetID)    		Notes
    Instruction

    Undergrad

    Sue Sullivan (sfc1)

    		PhysAdminAll staff
    Instruction

    Duplicating

    Brad (temp)

    		PhysAdminAll staff
    Instruction

    Course Mgmt

    Rosemary Barber (rjf2)

    		PhysAdminAll staff
    (none)

    General and Central

    		Sue Sullivan (sfc1)PhysAdminAll staff
    (none)

    Grad

    Kacey Acquilano (klb79)

    		Grad, Management 
    (none)

    Faculty

    Deb Hatfield (dah6)

    		Grad, ManagementKacey needs access
    Business

    HR and Staffing

    Deb Hatfield (dah6),

    Nancy Searles (nbs4)

    		Business, Management 
    Business

    Budget and Finance

    Nancy Searles (nbs4),

    John Miner (jcm8)

    		Business, Management 
    (none)

    Chair

    Deb Hatfield (dah6)

    		Management 

    SysAdmin Note:

    1. Permissions on shared dept folders will be applied only by groups, not ID's (Due in part to the complexity of tracking /adding / removing individual permissions applied to folders, as well as possible file inheritance & permissions settings.)
      1. Individual ID permissions should only be granted to folders in "Users" folder trees, if used. (Scripting / variables may be preferred)
    1. Groups should have a functional name (please) "Business office", "Instruction", etc.
    2. All Phy dept sub-groups will be put in a primary Physics Admin / dept group - which is used to apply policies, map drives, apply networked printer queues, allow access to the share, etc.
      1. A special
    3. All staff must be in at least one sub-group, and preferably only one - even if the group only contains one person. (To allow access to share, policy’s, etc.)
    4. Folders which everyone can access do not need finer grained permissions. (Use primary group @ root only)
    5. Groups may either be nested (HR in Business Office), or multiple groups may be given permission to a folder (Safety, Facilities), as appropriate.
    6. Where group nesting/ combining is not sufficient, a user may be placed in more than one group.
    7. Caution is advised with any nesting or combined group access, unintended future rights may result.
    8. It is desirable to use these same groups for all services, such as Group Policies, FileMaker, Printing, File Sharing, etc.
      1. Policies can only be applied to accounts which are in the AD Tree cornell.edu\CUinv\NetIDs\Staff\AS\, or are created by AS/ChemIT/Physit (Special admins, guestID's, etc.)

    Phase two: Individual's folders

    • TBD

    Info from John Miner, to inform this:

      • This "R:\" drive will appear on Windows computer which get the appropriate AD policy applied. The policy is scoped to groups of people, not computers. Initially, the people scoped are all Physics Admin staff and some technical staff (Vince, Mark, and Jenny).
        • Note 1: The technical staff group as scoped in PhysIT's AD group includes Nick but he doesn't log into a PhysIT AD computer. Thus, he won't see the "R:" drive on his work computer since that computer is not on CU AD.
        • Note 2: Vince logs into a Mac so that won't get the file storage mounted automatically. PhysIT can get it mounted automatically by making a few changes at his computer directly, upon request.
      • KEY: The "R:\" drive can safely be ignored by folks not using the service, but they may appreciate knowing why it has appeared on their computer.

    See also

    Next steps

    May 20, 2015: Oliver met with John and decided on two action steps:

    • John would ask Deb to find out what staff thought of the service. Awareness, usage, and if there were any questions.
    • John and Oliver would meet and review what more John might like to do regarding his own files, discuss possibilities, advantages, and trade-offs.
      • What Oliver had originally called "Phase II", relate to an individual's own work files moved to the file storage service, and those files are not to be shared.

    John shared that his staff seem to be using it when they are working on projects together. And when they need to share information for other reasons.. Seems to be in-mind, and growing to be part of the standard operating practice for many staff.

    January 2015

    Next step, as of Wed, 1/21/14:

    Make additional changes to the folder names, structure, and permissions.

    Actions taken so far

    Deb scheduled a Physics staff mtg week of 1/12/2015 to demo share and have a Q&A. PhysIT's Oliver demo'd, consulted, and answered questions.

    • Invited all staff with current permissions, as well as Mark, Vince, and Jenny. (Per John, no need to have Dorothy or Nick attend.)

    Oliver demo to John and Deb on 12/15/14 (Monday), a "next step" from Friday, 11/14/14.

    • We looked over structure within John's account after (temporarily) mounting their drive, <//files.cornell.edu/as/phy/admin>.
    • Oliver created demo account <as-phy-it-user> and added it to the "Instruction" group so we can see what limited permissions look like logged on with that account.
      • Confirm inaccessible folders are visible, but that they prevented access if access not permitted, prompting a dialog box stating as such.

    11/15/14: Roger has worked with Greg at A&S to set up the space, in anticipation that this service will prove of value to Physics. This could have easily been reversed if there had been a "no go" decision, of course.

    Phase one: Shared folders

    Content moved to documentation page:

    Phase two: Individual's folders

    Content moved to documentation page:

     

     

    ...

    FACILITIES

    ...

    MANAGER

    ...

    Q: Is this more a personal folder, not a "shared" folder?

    ...