I couldn't think of a group of users with more experience than here so I'll give this a shot.
At work, we have a new building and new file sharing setup.
We set up a Mac mini with some RAID bays attached and turned on Sharing.
There is only one dynamic lacking in this configuration: we need everybody to be able to control the Collab directory.
So here's the general layout:
Any user that can work on the server belongs to Sharing group and has a Sharing-Only user account on the mini.
Every user has their personal folder that they can do anything they want with but nobody else can read it. So Jack has /Server/Jack/ to himself.
Nobody can add or remove folders from top level /Server/. So even Jack can't delete /Server/Jack
There should be a Collab folder that everybody can add to, delete from, edit in, etc. Basically everybody in Sharing has 100% full permission granted inside /Server/Collab/
That last part isn't working so far. if Jack drags his Music library into Collab/, only Jack (or an admin) can delete it. Some files he adds work but it's unlikely any folder he drags in will let somebody else delete it or its contents. Importantly, that means that if Steve drags something from Collab/ to /Server/Steve/ it should disappear from Collab/ and only appear in Steve/. Moving instead of copying reduces duplicates and transfer times.
I've tried setting permissions for the group to /Server/Collab but it only applies to what is currently in Collab/, it doesn't change anything that gets added in the future.
At this point I'm basically giving up and just leaving it as is until somebody more knowledgeable chimes in.
At work, we have a new building and new file sharing setup.
We set up a Mac mini with some RAID bays attached and turned on Sharing.
There is only one dynamic lacking in this configuration: we need everybody to be able to control the Collab directory.
So here's the general layout:
Any user that can work on the server belongs to Sharing group and has a Sharing-Only user account on the mini.
Every user has their personal folder that they can do anything they want with but nobody else can read it. So Jack has /Server/Jack/ to himself.
Nobody can add or remove folders from top level /Server/. So even Jack can't delete /Server/Jack
There should be a Collab folder that everybody can add to, delete from, edit in, etc. Basically everybody in Sharing has 100% full permission granted inside /Server/Collab/
That last part isn't working so far. if Jack drags his Music library into Collab/, only Jack (or an admin) can delete it. Some files he adds work but it's unlikely any folder he drags in will let somebody else delete it or its contents. Importantly, that means that if Steve drags something from Collab/ to /Server/Steve/ it should disappear from Collab/ and only appear in Steve/. Moving instead of copying reduces duplicates and transfer times.
I've tried setting permissions for the group to /Server/Collab but it only applies to what is currently in Collab/, it doesn't change anything that gets added in the future.
At this point I'm basically giving up and just leaving it as is until somebody more knowledgeable chimes in.
