Advice on cleaning up a messy file structure?

albanga

I have recently started working at a new company and one of the biggest problems we are faced with is a very very messy file structure. There is hardly any permissions on files and staff have just created folder in folder in folder. All up i'd be guessing there is around 2000 directories for a reasonably small company.

I was just wondering if anybody had any advice or have dealt with this and how the best way to go about attacking it would be. At the moment its so messy half the people cant find anything.

I was also wondering if there is a way you can run some sort of search whether by a script or what have you to find out when files and folders were last modified. I was hopiong to run it to go back around 2 years and tell me if any files have not been modified since. If i can do that then atleast i can start to see what folders i can begin to archive and then remove from our system.

I should also add that all this data is killing our server, we recently moved heaps to a new server but this is till doing it tough.

Any help would be great. Cheers in advance.

Smallguy

I'd go by dept and slowly move through the company.... remove all the permisions to each folder and give only people woh need access permssions... and only the appropiate permissions. Also remember to give permisions to groups when ever possiable.

Also put a systme in place to control the access...where i work the Dept manager must either fill out a form or email me asking to asign permissions for a user to a folder. This jsut covers my butt incase someone does something malicious... I atleast have documentation stating u requested them ot have full access.




for the data re-organization depending on how bad it is you might have ot have each depts manager organize everthing and thne archive anytihng that isn't 05-06. I'd be very careflu organizng anything yourself... I'd leave it to that depts manager to properly organize it all.... thne you lock it down. Feel free to make recomendations but I'd let thme do the work so they relaize how muhc of a **** it is she your fiel systme goes to **** and if something is lost its not your fault but it's their's

I'm not well versed in scripting so I can't answer our question about scripts.

Gogousa

As smallguy suggested I would let each department handle their own files. They have to learn how to organize files too. After all, is their work and it is going to be beneficial for them.
About finding the files that have not being used for a wile, The “Search for Files and Folders” option in windows has the ability to find files by date (modified, Created and Last Accessed between days).
Good luck.

albanga

Cheers, thanks for the advice will definately be talking to the departments before i go removing anything. I think we are in for a long journey!

blargoe

I've dealt with this a few times. The worst file server migration scenario I've been through sounds exactly like the one you're dealing with now. The main difference being I was the corporate sysadmin and the server was at a remote site who had a dedicated tech to go around and work with the different departments to organize data, which was nice. We ended up copying the data, crappy structure and all, to the new server, but using xcopy switches to only copy files that had been updated in the previous 2 years. Then went back and grabbed all design data (which was relatively contained to a couple of folders) and other files upon request, and gradually moved all of the data to the new folder structure I created for them.

Being new, and depending on the size of the company and the politics, you might need to let your manager break the news of changing their network drive to the other department managers.

Is it a conglomeration of files all on a single network volume or something?

The end solution should have at a minumum, locked down folders for departments with sensitve data (financial, HR, intellectual property, IT, etc). The root of the network drive should be locked down so users cannot save files or create folders there, it should only contain the departmental folders and other folders containing publicly accessible data. Here is how I do the permissions, when I'm building a file server:

(Where administrators is the local administrators group on the server, domain\sharedriveusers is a domain local group containing all users of the network drive, and domain\department is a domain local group containing users for a given department)

root of network shared folder
administrators full control, domain\sharedriveusers list folder contents

Top level folder within shared folder (i.e., departmental folder)
remove inheiritance - copy settings, administrators full control, domain\department modify, remove domain\sharedriveusers from list

Top level folder with publicly accessible data
keep inheiritance and add read or modify permissions for domain\sharedriveusers to the folder as appropriate.

Do not use additional security for other subfolders.

Use the Access Based Enumeration tool for Windows 2003 to hide any folders from users that they don't have rights to.

This offers the best combination of flexibility, security, and ease of administraton. Using domain local groups instead of adding users directly to folders prevents you from having to recalcualte the ACL everytime you add a user, and allows you to add users in trusted domains to the folder (if you end up doing a migration to a different domain or merge or partner with another company. Keeping users out of the root of the network share keeps them isolated in their own area and keeps things cleaner.

For finding old files - a windows search is probably the easiest way to accomplish this.