In the past, before the NTFS filesystem, creating shares was the only way to set permissions on shared data. But with NTFS being there, you can basically have all the data on a server be in one shared folder, and use NTFS permissions on the folders inside the shared folder to control access.
This even works with network drive mappings.
So you can map S: to \\server1\shares\MyShare, given that Server1 is the name of the server, shares is the only share, and MyShare is one of the many folders below that has NTFS permissions set up.
My question is this. Is there a reason why one would use multiple shares over one share, given that all the data will be stored in the same place anyway?
So instead of sharing only shares, I would then share MyShare, give it full control and use NTFS to set access?
Is there a performance consideration to choose one over the other?
No answer from anyone made me suspect there is no performance difference in any way, so I did some tests. From a situation where I had about 8 shares but all in the same place, I shared the root folder, and set my Network folders from group policy to go through that, so all my network shares are all accessed through one share, and you know what, there's no noticeable difference at all.
The only difference I found that may give you a reason to not use this approach is the following: Although you can map a network folder to a drive letter anywhere down the shared folder, only the share itself has a right-click, map network drive option. So if you want to quickly be able to map a network share, then you would want to share that folder directly. Otherwise you can still map a network share, but it is a bit more cumbersome as you would have to navigate to the share first, copy its address, go to This PC, then from the menu create a network mapping and paste the URL in there.
From a server managing point, the above is something you actually may want to avoid, and this is a bit of security by obscurity.
In any case, to me the best practice seems to be this:
Try to place all data in one location if you can, and share the root folder. If you have to create multiple shares because the data itself resides on multiple hard disks, then you should name the shares such that they refer to the location internally.
For example, you have a D and E drive. Both have a folder called shares. The Shares folder on D would be shared as Shares D, whereas the folder on E would be shared as Shares E.
Now from Group policy you map the shares as follows (example):
To the user, they will just see the names and they get a network drive, but they don't see the actual shares.
If you go to \\mydomain.local, you will see Shares D and Shares E, which will help you determine where the shares are located easily.
Alternatively, you could name the folders Shares 1 and Shares 2, and share them the same, if you want to hide the physical location. Another approach is to come up with a name that starts with the letter of the drive. For example, Shares Daisy and Shares Elvin Gadd.
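The layout the answer describes (one shared root with full control at the share level, NTFS permissions deciding access per folder), as an added example that is not part of the original post. The Finance folder and the MYDOMAIN group names are assumptions; D:\Shares, Shares D and MyShare follow the names used above.

```powershell
#Requires -RunAsAdministrator
# Added example: single share root, access controlled by NTFS ACLs per folder.
# Constructed values: the Finance folder and the MYDOMAIN\* groups are hypothetical.
$root      = 'D:\Shares'
$shareName = 'Shares D'
$folders   = @{
    'MyShare' = 'MYDOMAIN\MyShare-Users'
    'Finance' = 'MYDOMAIN\Finance-Users'
}

New-Item -Path $root -ItemType Directory -Force | Out-Null

# Share level: full control for authenticated users. The share permission is
# deliberately wide; the NTFS ACLs below do the actual filtering.
if (-not (Get-SmbShare -Name $shareName -ErrorAction SilentlyContinue)) {
    New-SmbShare -Name $shareName -Path $root `
        -FullAccess 'NT AUTHORITY\Authenticated Users' | Out-Null
}

# Root folder: drop inherited ACEs, give admins and SYSTEM full control that
# flows down to children, and let users traverse/list the root itself only
# (no (OI)(CI) flags, so this ACE is not inherited by subfolders).
icacls $root /inheritance:r /grant:r `
    'BUILTIN\Administrators:(OI)(CI)F' `
    'NT AUTHORITY\SYSTEM:(OI)(CI)F' `
    'NT AUTHORITY\Authenticated Users:(RX)'

# Subfolders: each one inherits only admins/SYSTEM from the root, then gets
# Modify for its own group, applied to the folder, subfolders and files.
foreach ($name in $folders.Keys) {
    $path = Join-Path $root $name
    New-Item -Path $path -ItemType Directory -Force | Out-Null
    icacls $path /grant:r ('{0}:(OI)(CI)M' -f $folders[$name])
}

# Review the result: one share-level entry, per-folder NTFS entries.
Get-SmbShareAccess -Name $shareName | Format-Table AccountName, AccessRight
foreach ($name in $folders.Keys) {
    (Get-Acl (Join-Path $root $name)).Access |
        Format-Table IdentityReference, FileSystemRights, IsInherited
}

# A client then maps a drive below the share, as in the question:
#   net use S: "\\server1\Shares D\MyShare"
```

A user who is not in a folder's group is denied on that folder even though the share grants full control, because access over SMB is the more restrictive of the share permission and the NTFS permission.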