I've recently been asked by a division of my company to rearrange our file structure on our network attached storage servers. However, I'm having a little trouble coming up with a solution to manage the file security on this new structure in a way that doesn't create too much burden on my IT department. Here's the skinny:
Currently our file structure is organized by department. On our NAS's we have these parent folders: Accounting, Engineering, Quality, etc.. To secure these directories is a no-brainer, I just create two Active Directory security groups and give one full access and the other read-only access to the corresponding directory. For example, the Quality folder will have a Quality Full Access and Quality Read-only security group assigned appropriate permissions on it.
Now management wants to change the structure so that the parent directories aren't organized by department, but rather by part number (we're a manufacturing facility). So they want, for example, a parent folder called "PN1234567" and directories beneath that folder with the various departments Accounting, Quality, etc.. I need to assign unique permissions to each of these departmental folders within the part number directories, and I can't think of a practical way of going about doing it. It wouldn't be a huge issue except that we have well over 1000 part numbers...
I can understand why they want to arrange the files in this manner because everything which corresponds to a specific part number can be found in a single location instead of having to hunt through directories searching for related files/documents. Does anyone know of any way I can simplify the application of permissions this way?