Company Share Folders and Permissions

Sharing out company information is a very important thing to do right – who gets to see what and what can they do with it? That is why it is best to have a plan in place before beginning.

Plan to have the shares in one folder, on a data drive (not OS), preferably on a dedicated File Server (not a NAS, please). Name the folders something recognizable.

Company is the general share that everyone can access.

Executive is the share for Executives

Accounting is the share for the accounting department – payroll, billing, etc.

Home is a folder for each user’s Home Drive (As set up in Active Directory)

Departments is a top folder with department folders inside, each department folder shared out to it’s department security group.

Ah, yes – Security Groups. You will always want to assign permissions using security groups. It is a lot easier to manage adding users to security groups than going around digging through folders for which ones they need access to. If they need access, there should be a security group for that!

Now, how to map the folders? Group Policy. Put one group policy for each Security Group and which folders they need mapped.

Another very awesome tool for doing group policy is Item-Level Targeting. With this, you can use one policy with multiple items that go to different groups – such as printers, drive maps, etc.

On the Common Tab, Check the Item-level targeting box and click the targeting button…

Item Level Targeting

There are a LOT of options – even though I normally use only the Security Group option – you can get very specific.

Endless Options to target…
The most used (by me) Targeting…

So, if you are deploying dozens of printers or drive mappings – or software – use Item-Level targeting to control who or which pc gets what. It saves clutter in Group Policy management.

Migrated to DreamHost

So, after more than a decade at WebIntellects hosting, I had to call it quits – they just didn’t keep up with my website – WordPress based, but not very active – still, logging in to the CPanel even got laggy. Moved one site to DreamHost and it was a lot faster, more reliable and easier to manage.

Migration, however, was not as straight forward as they would have you believe. Here is the REAL story.

I’m going to assume you have a current website (wordpress) and just set up your account, domain and got wordpress installed at DreamHost. What now?

Stop. You have some information to gather first.

Start by getting your WordPress MySQL credentials… (1) Click on MySQL Databases, (2) scroll down to Database(s) on this server:

(3) Click on the Users Access ( after you copy down the user name! ) and then scroll down to the “Do you need to know user’s password? and click Show – copy it.

Now, go back to MySQL Databases and scroll to HOSTNAME – click on the phpMyAdmin – where you will use the credentials gathered above to log in….

It should auto populate the MySQL Hostname:

Scroll down until you find wp_users (or wp_somthin_users) and expand that table.

Copy the user_login name and click Edit to change the password :

Find user_pass and click the drop down to set it to MD5

Enter a new password and click GO (bottom right)

When you go back to look at it, it will be in a hex string, so make sure you know what the password is or you will have to change it again.

On your DreamHost, under Manage Websites, manage your site and Get Migration Key under WordPress

I already got the Key… 😀

Now you should have:
Dreamhost WordPress admin User name and Password
Migration Key
Current WordPress admin User name and Password.

Now, go to your current wordpress and log in as an admin.

Go to Plugins, Add New and search and install DreamHost Automated Migration.

Activate it.

It will ask you for the information gathered – put it all in and Begin Migration!

Once Migration is complete (15 minutes or more depending on your site size), you are not done. Now you need to point your domain’s DNS to DreamHost.

I use Cloudflare for my DNS, so I get the DNS settings from Manage Websites –> Manage –> DNS Records (under Domain)

Update appropriately – but you MUST have a and a record – or a and a record.

Once those are done, you need to turn on SSL…

Under Websites, click on Secure Certificates – then Add one to your website:

I went with the Free personal site SSL from Let’s Encrypt….

Once that order processes and is installed – you should see the Lock beside your website is green:

Now you should be able to see your new site (given fast DNS updates), though it may take a bit – 15 minutes or longer depending on your DNS’s TTL settings.

And Migration is complete – go in to word press and update plugins, check your Site Health, etc. Explore your page and make sure its all showing properly.

For References from DreamHost :

Robocopy Nested “Application Data” Glitch


So, I copied some profiles over using Robocopy. The size of these profiles on the new server was staggering! I had to expand the drive to accommodate the bloat!
Then I started looking – the data on the original profiles was not anywhere close to that big.

What happened?

Well, this is my normal robocopy command :

Robocopy \\OldServer\c$\Users\username C:\users\username * /ZB /e /Copy:DATSO /dcopy:DAT /xo /r:0 /XD $Recycle.Bin DFSRPrivate /XF desktop.ini thumbs.db /Log:c:\temppath\username.log /np /tee

One profile got the glitch – and others were starting to before I added a little line in my command code:

Robocopy \denali-rds-s16\c$\Users\username C:\users\username * /ZB /e /Copy:DATSO /dcopy:DAT /xo /r:0 /XD $Recycle.Bin "Application Data" DFSRPrivate /XF desktop.ini thumbs.db /Log:c:\temppath\username.log /np /tee

The profile that had the problem – well, I am still deleting with the following code:

Robocopy c:\temppath\blank "C:\users\username\appdata\local\application data\application data" * /ZB /e /purge /Copy:DATSO /dcopy:DAT /xo /r:0 /XD $Recycle.Bin DFSRPrivate /XF desktop.ini thumbs.db /Log:c:\temppath\usernamePurge.log /np /tee

c:\temppath\blank is an empty folder. Robocopy will delete anything within the target thanks to the /purge switch. This also works for folder paths with more than 256 characters that windows can’t delete on it’s own.

Anyway – starting I had 190 GB free on the drive – I am at 400 GB free on the drive now. More than 200 GB in nested “Application Data” folders – replicated by robocopy over and over and over again.

The Cleanup in Action

24 nested folders – and this is after about 20 minutes of deleting! It is still going as I write this!

… and it just finished – 402 GB free –

Okay, I know what you’re thinking – what does copying a profile to a new system with Robocopy accomplish? It doesn’t really transfer the profile over!

That is where I have to give a shout out to the Genius team at ForensIT – Profile Wiz is a life safer!

You can use Profile Wiz to literally take over a profile! Lets say, for example, JohnSmith worked for the company for 5 years, and all his documents and such were in his profile. John gets hit by a bus and you get a new employee – Brad Cooper – well, you want Brad to have all of John’s information – you can use Profile Wiz to give c:\users\johnsmith to the BradCooper login. Concerned about the folder name? Change the folder name to BradCooper – and then use the “Unassigned Profiles” checkbox to assign it to Brad.

Absolutely worth the Profession Edition!