I am involved in a debate on directory design.
Which is better for creation of a tree for a small company with multiple WAN linked offices, some limited job role differentiation and little need for security other than privacy for home directories and personnel records?
1. Creation of multiple trees consisting of a single container holding all objects, along with a single map to root of the volume and use of groups and inherited rights filters to restrict/allow access to folders in volumeincluding home directories and sensitive personnel information (personnel records used by an accounting/personel office in one office).
or
2. Eventual creation of a single tree with duplicate configurations for each office in which multiple continers relating to various job junctions are created below the container holding server, printer, volume email and other “network” objects, creation of a second volume on the server containing personnel information and the use of container rights and login scripts to provide access to various volume and/or folder configurations.
Which in you opinion is the best most effecient strategy?