Share Management in ADUC AdminPlus

Posted June 27th, 2012

One of the perks of developing software is that you never know what you’ll run in to. Sure, you set out to develop a set of specific functions, so you start with a functional design, then a technical design, then add technical specs (you know, platform dependant stuff), and then you start building, thinking you only need to follow THE PLAN.

Then, along the way, when things start to come together, you suddenly realize that you were holding yourself back, that the functionality you set out to build is nowhere near what could be built. Green pastures, beautiful horizons with eye blinding sunsets. That stuff.

That’s what more or less happened when we set out to incorporate ‘share management’ into AdminPlus. In case you’re wondering, yes, with ‘share management’ I’m simply talking about offering file services to end users based on UNC path. I’m talking about shares on Home and Profile Directories, basically.

And yes, that was our thought, too. Home and profile share management is hardly rocket science. Yet, we simply wanted to offer share management to AdminPlus users, so that they no longer needed to leave AdminPlus in order to create or mutate a share on an end user’s home or profile directory.

We started at the most basic point, the file system itself — as in, you connect to a remote file system, unfold a directory, and get to see a list of directories which you know represent home directories of end users. These are named after each end user’s SamaccountName, and they are shared as each end user’s SamaccountName. The Home Directory attribute on a user object points to this location.

In AdminPlus, in the connect to file system interface, you can add or mutate shares. No big deal, except for two extra features, namely the options to create or delete shares on all sub directories of a given directory.

Then we thought, wouldn’t it be nice if we could turn this around? Wouldn’t it be nice if we could show the share properties in combination with the end users that those shares belong to? In other words, wouldn’t it be nice if we could somehow list the share properties the same way you can list any other property or AD attribute, such as a user object’s Home Directory path?

This did give us something of a pulse, because, especially with DFS paths, the physical location of data is not easily traceable. Let me rephrase that — the physical location is traceable, but it’s a nuisance to trace. A DFS link points to a server share, which in turn points to a local drive and directory path… brrrr.

So, we defined a couple of generated properties, such as:

  • Share Server
  • Share Local Path
  • Share Comment
  • Share Allow Maximum
  • Share Maximum Allowed
  • Share Permissions

Around that time we were doing some AD cleanup work for a large costumer of ours, with more that 3000 end users. They told us that they were convinced that their file services were sound, that, in fact, their file services were about the only sound part of their entire infrastructure. We stated that, in any environment with more than 3000 end users, file system data gets shuffled around a lot, that automated copy actions are hardly ever back checked, and that when employees switch departments, mosttimes their home and profile data do not follow in their footsteps — meaning that it’s not always migrated to their new department. Given enough time, file systems become… messy. No, we didn’t say that their file systems were messy. Not right out, anyway. We don’t talk to customers like that. Well, not if we can prevent it.

We did say — hey, chance has it that we’re beta testing this little piece of software we just wrote…

So, we fired up the beta version of AdminPlus, requested all user objects from their AD, and then requested the properties mentioned above, and sat back… It was then that a magical thing happened. Because as the data poured in, patterns started to emerge…

On a file system, that was in our customer’s belief, albeit too big for any single mind to fathom, at least monolithically sound, a lot of things seemed out of order. Shares were missing (turned out that in some cases the shares weren’t actually missing, but residing on other directories!), share permissions were missing or corrupt, comments were wrong, concurrent access numbers were wrong, and, indeed, a substantial number of homes were ‘misplaced’.

“Okay,” they said, a bit dismayed. “Turns out you’re right. Any way to fix this?”

And this, finally, brings me to the functionality that appeared on the horizon: wouldn’t it be nice if we could also build some kind of bulk function to correct at least part of these problems?

Which is, of course, exactly what we did …

aducADMIN+A Powerfully Simple Active Directory Management Tool.

Download A FREE Trial

We're a software company based in Amsterdam that focuses on large-scale network management software. aducADMIN+ is our flagship product - but we also manage networks of over 20,000 users.

Vision It has been developing custom software solutions since 2009 and launched aducADMIN+ in 2010 to help us save time and money managing our own networks.

Developing software out of amsterdam, The Netherlands with installations in over 50 countries around the globe.


+31 20 893 2017