Comments on: Script: Check for Orphaned HomeDirs http://www.techcolumnist.com/wp/2009/07/07/script-check-for-orphaned-homedirs/ Storage Information Blog Wed, 19 Aug 2009 23:26:55 -0400 http://wordpress.org/?v=2.9.1 hourly 1 By: <img src='http://www.techcolumnist.com/wp/wp-content/plugins/rpx/images/google.png'/> dblSHOT http://www.techcolumnist.com/wp/2009/07/07/script-check-for-orphaned-homedirs/comment-page-1/#comment-166 dblSHOT Fri, 24 Jul 2009 23:54:11 +0000 http://www.techcolumnist.com/wp/?p=116#comment-166 when doing a folder based orphaned lookup (like removing old home directories) the owner isn't necessarily the best object to go by when determining orphaned directories. Our files have been moved many many times, and in the process, usually the account doing the migration or for some other reason ends up with ownership (and not the person that is no longer there). Also, there may be files where the owner no longer exists, but they exist in shared directories where there are other users that access those files, therefore also not an orphaned directory. This script helps me because I can do a lookup on home directories for users that no longer exist in AD, but protects because some of those folders may have had rights added to them for other purposes (HR, supervisor, etc) and would need to be followed up with. I think ACL inclusion in orphaned files is a must, also think that a "folder" can be determined as orphaned if only administrative groups have access (such as computer\Administrators or global admin only groups). I've used Tek-Tool's profiler and NetApp's file SRM tool. when doing a folder based orphaned lookup (like removing old home directories) the owner isn’t necessarily the best object to go by when determining orphaned directories. Our files have been moved many many times, and in the process, usually the account doing the migration or for some other reason ends up with ownership (and not the person that is no longer there). Also, there may be files where the owner no longer exists, but they exist in shared directories where there are other users that access those files, therefore also not an orphaned directory.

This script helps me because I can do a lookup on home directories for users that no longer exist in AD, but protects because some of those folders may have had rights added to them for other purposes (HR, supervisor, etc) and would need to be followed up with. I think ACL inclusion in orphaned files is a must, also think that a “folder” can be determined as orphaned if only administrative groups have access (such as computer\Administrators or global admin only groups).

I’ve used Tek-Tool’s profiler and NetApp’s file SRM tool.

]]> By: Tsahy Shapsa http://www.techcolumnist.com/wp/2009/07/07/script-check-for-orphaned-homedirs/comment-page-1/#comment-165 Tsahy Shapsa Fri, 24 Jul 2009 21:54:47 +0000 http://www.techcolumnist.com/wp/?p=116#comment-165 quick question: why would other 'orphaned file checker' be confused? if the 'owner' of a file doesn't exist in AD then the file is a good candidate to be tagged 'orphaned', no? or are you saying that some also look at the ACL to make the determination? would you mind sharing which sw products you had experience with that failed at this? quick question:
why would other ‘orphaned file checker’ be confused? if the ‘owner’ of a file doesn’t exist in AD then the file is a good candidate to be tagged ‘orphaned’, no?
or are you saying that some also look at the ACL to make the determination? would you mind sharing which sw products you had experience with that failed at this?

]]>