How-to Manage Server Folders & Security in Windows Server 2016 EssentialsAlex Fields
After setting up your domain and adding or importing users from an existing domain, then one of the very next things you’re likely to do as an administrator of Windows Server Essentials 2016 is to setup your shared folders and permissions. Prior to this step, I also recommend enabling the integration to Azure AD and Office 365.
We are going to walk through a number of items related to managing server folders:
- Add Security Groups (recommended)
- Moving Server Folders (recommended)
- Enable Group Policy / Folder Redirection (optional)
- Enable BranchCache (optional)
- Add new Server Folders (optional)
The Dashboard provides some interesting tools for managing shared resources, and they are fairly straightforward to use.
1. Add Security Groups (recommended)
Before you begin administration of your folders, make sure you’ve got some security groups defined. Go to Users, select User Groups and then Add a new group.
Name your group and give it a description.
Follow the rest of the prompts–you can choose to include this security group in the cloud as well.
Choose which users to include.
Go ahead and finish your way through the wizard.
2. Move your Server Folders (recommended)
Before you get too far, you will probably want to move your server folders from the default location (C:\ServerFolders\). In my example, I moved them to another volume, E:\.
From the Dashboard, go to Storage, and then Server Folders, select a folder and click “Move the folder” from the right.
Click Next to get started, and choose your new location from the list of presented alternatives. In this case I chose the option for my E:\ volume.
Go ahead and finish the wizard.
3. Enable Folder Redirection (optional)
You may want to redirect common user folders such as Documents and Favorites to the Server Folders, so they can be included in Backup. To do this, navigate to Devices in the Dashboard, make sure your Essentials server is selected, then click on Implement Group Policy. Note that this step would normally be done after you’ve already disabled legacy group policies–for example if you’re coming from an older environment like Small Business Server.
Step through the wizard.
Consider whether you want to include things like Downloads, Music and Pictures (you may not want those kinds of items taking up space–it depends on the business requirements).
I usually enable the default settings for the security portion, although it is optional and you can manage your own also.
Gotta love this plug for Windows 10 on the last screen. As if it weren’t enough that Microsoft made it a recommended update already. Relentless!
Want to see what this wizard actually did? Open the Group Policy Management console from Administrative Tools, and check out the GPO’s.
4. Enable BranchCache (optional)
You also have the option to enable BranchCache, which allows computers on your local LAN segment to cache server folder data for quicker access. This is helpful if your Windows Essentials Server is hosted offsite by a service provider, or in Microsoft Azure, for example.
Just click Settings in the upper-right corner of the Dashboard, then go to BranchCache and click Turn on. Click OK.
To see what this action did, check out the Group Policy Management console again.
The BranchCache feature will also require Enterprise licensing for your Windows client computers in order to work properly.
5. Add new Server Folders (optional)
Finally, let’s see what it looks like to add a new Server Folder through the Dashboard. Go back to Storage > Server Folders. Select Add a folder from the right.
Give your folder a name and description.
From here you can assign permission to the resource directly–your new Security Groups should be present in here as well. Note that you can always go back into existing server folders to edit permissions later, also.
You will also be reminded to include the folder in your backup.
You can also easily manage SharePoint Libraries in Office 365 much in the same way, right from the Essentials Dashboard. More on that here.