Versions Compared

Old Version 63

changes.mady.by.user user-29411

Saved on

compared with

New Version Current

changes.mady.by.user user-29411

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Phase one: Shared folders

Synonyms: Folders == directories.

Conventions used among staff will limit actions not necessarily enforced by the permissions.

Objective: Reduce complexity to reduce mistakes and facilitate debugging, balanced with ensuring security and adequate access.

Graphic: Who can access specific folders

Matrix: Who can access specific folders

 Folders:

Staff

Person:

Office

InstructionGradChair supportBusiness
Sue

X

X

   
Brad

X

X

   
Rosemary

X

X

   
Kacey

X

X

X

  
Deb

X

X

X

X

X

Nancy

X

   

X

John

X

X

X

X

X

Implementing the above summaries:

Groups

Primary Dept GroupSecondary groupSub-group nameNetIDsMembersSorting

All Physics Staff

AS-PHY-Staff

Physics Office Staff

AS-PHY-OfficeStaff

Management

AS-PHY-Management

jcm8

dah6

John Miner

Deb Hatfield

1
AS-PHY-StaffAS-PHY-OfficeStaff

Business

AS-PHY-Business

nbs4Nancy Searles2
AS-PHY-StaffAS-PHY-OfficeStaff

Grad

AS-PHY-Grad

klb79Kacey Acquilano3
AS-PHY-StaffAS-PHY-OfficeStaff

Instruction

AS-PHY-Instruction

rjf2

sfc1

bgr33

Rosemary Barber

Sue Sullivan

Brad Rayle (temp)

4

Possible future groups:

Primary Dept GroupSecondary groupSub-group nameNetIDsMembersSorting
AS-PHY-Staff 

Technical

AS-PHY-Technical

jew16

ml622

ns53

vwk1

Jenny Wurster

Mark Lory-Moran

Nick Szabo

Vince Kotmel

1
AS-PHY-Lecturers Lecturers Use at all?2

Folders, sub-folders, and their custodian

Folder name

Within folder
(if not top-level)

Primary folder owner (NetID)NotesSort

Undergrad and events

Instruction

Sue Sullivan (sfc1)

Access by all office staff

To contain, from John's originally proposed folder names, "Colloquia/events" and "Gen. Information".

1

Duplicating

Instruction

Brad Rayle (bgr33, temp)

Access by all office staff2

Courses

Instruction

Rosemary Barber (rjf2)

Access by all office staff

John's originally proposed folder name was "Course mgmt".

3

Office

(top level)Sue Sullivan (sfc1)

Access by all office staff

Just office staff. Thus, not for Nor for all Physics staff (including Tech).

This was not one of John's originally proposed folders. PhysIT's proposed folder name was "Department".

4

Grad

(top level)

Kacey Acquilano (klb79)

 5

HR and Staffing

Business

Deb Hatfield (dah6)

John's originally proposed folder name was "HR/Staffing".6

Budget and Finance

Business

Nancy Searles (nbs4),

John Miner (jcm8)

John's originally proposed folder name was "Budget/Finance".7

Chair support

(top level)

Deb Hatfield (dah6)

John's originally proposed folder name was "Chair".

To contain, from John's originally proposed folder names, "Faculty", which he had noted that Kacey needed occasional access.

8

Possible future folders and their custodian

Folder name

Within folder

(if any)

Primary folder
owner (NetID)		NotesSort

Tech

  Mark Lory-Moran (ml622)?Add if it represents any value to Vince, Mark, and/or Jenny.1
Instruct Who?Must first present idea to instructors. Add if it represents any value to them.2

Folders hierarchy and permissions

...

Physics Dept

Group's Share

...

Top Level Folder

(Permissions here)

...

Instruction =>

AS-PHY-OfficeStaff

...

Undergrad and events

Duplicating

Courses

...

Office

AS-PHY-OfficeStaff

...

All office staff

...

Grad

AS-PHY-Grad

AS-PHY-Management

...

Grad, and

Management

...

AS-PHY-Business

AS-PHY-Management

...

HR and Staffing

Budget and Finance

...

Business, and

Management

...

Content moved to documentation page:

...

AS-PHY-Management

...

 

Possible future folders hierarchy and permissions

Physics Dept

Group's Share

Top Level Folder

(Permissions here)

2nd Level FolderFolder AccessNotesSort
 \\files.cornell.edu\as\PHY\Admin

Tech

AS-PHY-Tech

 

Technical, and

Management

Placeholder:

Any value to them?

1
 

  Instruct

AS-PHY-Instruct

 Lecturers, and

Management

Create at all?2

 

SysAdmin Note:

  1. Permissions on shared dept folders will be applied only by groups, not ID's (Due in part to the complexity of tracking /adding / removing individual permissions applied to folders, as well as possible file inheritance & permissions settings.)
    1. Individual ID permissions should only be granted to folders in "Users" folder trees, if used. (Scripting / variables may be preferred)
  1. Groups should have a functional name (please) "Business office", "Instruction", etc.
  2. All Phy dept sub-groups will be put in a primary Physics Admin / dept group - which is used to apply policies, map drives, apply networked printer queues, allow access to the share, etc.
    1. A special
  3. All staff must be in at least one sub-group, and preferably only one - even if the group only contains one person. (To allow access to share, policy’s, etc.)
  4. Folders which everyone can access do not need finer grained permissions. (Use primary group @ root only)
  5. Groups may either be nested (HR in Business Office), or multiple groups may be given permission to a folder (Safety, Facilities), as appropriate.
  6. Where group nesting/ combining is not sufficient, a user may be placed in more than one group.
  7. Caution is advised with any nesting or combined group access, unintended future rights may result.
  8. It is desirable to use these same groups for all services, such as Group Policies, FileMaker, Printing, File Sharing, etc.
    1. Policies can only be applied to accounts which are in the AD Tree cornell.edu\CUinv\NetIDs\Staff\AS\, or are created by AS/ChemIT/Physit (Special admins, guestID's, etc.)

Phase two: Individual's folders

  • TBD

Info from John Miner, to inform this:

...

Content moved to documentation page:

 

 

...

Management

...

Q: Is this more a personal folder, not a "shared" folder?

A: Sounds that way. "Users\jcm8"

John's originally proposed folder name was "Manager".

...