 |
 |
I would say you're better off sticking with drive letters for things like personal or departmental shares. They give a consistent abstraction point that you control, so if the host or share names ever need to change you can modify the letter mapping in your GPO and you're set. Windows checks for hostname spoofing in SMB and doesn't like it, so redirecting with a cname or something like that is out. Without a consistent drive letter, you run the risk of everyone's shortcuts breaking when its time to move to a new fileserver and nobody wants those torches and pitchforks on their doorstep. Viruses/cryptolocker are a concern and they do like to go after mapped drives, but there's no inherent additional security to using the UNC path over the slight level of obscurity. It's better to use the snapshot/previous versions/VSS features on the file server to define a set retention policy for previous versions of documents so you can rapidly revert. Backup archives are a second line of defense and probably won't be necessary, but are best practice to have regardless. Drive letter bloat/collisions can be minimized by creating a small number of root shares and then defining directory permissions on a set of sub-folders in the share root. If you do end up wanting to get rid of drive letters, I would say throw it in front of a DFS namespace. That gives you a similar abstraction layer so clients are connecting to the namespace and you can swap out the underlying hosts without disruption. It also eases migration to new fileservers by allowing you to add new hardware to the namespace, replicate the data, and then offline the old hardware without scheduling an outage window. Dave Graff On Mon, 18 Apr 2016 12:28:12 -0400, Jason Waterbury <[log in to unmask]> wrote: >I am looking for thoughts and conversation on using Mapped Network Drives >versus Network Locations UNC's. Currently we are pushing drive letters to >network locations through GPP. I am thinking about making transition from >using drive letters to using UNC shortcuts in Network Locations. A few >points on why I am thinking about making the transition are drive letter >collision/confusion, finite number of mapped drive letters, and that certain >viruses can spread to removable/network drives. > > > >Can someone who has experience using both or making the transition weigh in >on their thoughts about which they prefer, issues they have run into using >one or the other, or anything else that they would like to add? > > > > > > > > > > >Jason Waterbury >PC Technician >Broad College of Business >Michigan State University >645 N. Shaw Lan., Room 5 >East Lansing, MI 48824 >W: 517-353-1646 > >WHO WILL MAKE BUSINESS HAPPEN? > >Spartans Will.