Advanced file system (encrypt,compress,disk quota)

Uploaded on


More in: Education , Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads


Total Views
On Slideshare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. 70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Advanced File System Management
  • 2. File Compression
    • Reduces amount of disk space needed for files and folders
    • Automatically uncompressed when the resource is accessed
    • Compressed resources displayed in different color in Windows Explorer (blue by default)
    • Moving and copying resources can affect compression
  • 3. Configuring Folder Compression Settings
    • Objective: Configure a folder to compress its contents
    • Create a folder, copy a file into it
    • Set the compression attribute on the folder to compress itself and its contents
    • Note the appearance of the folder and verify compression of contents
  • 4. (continued)
  • 5. COMPACT
    • Used with NTFS file system only
    • Command-line utility for configuring the compression attribute
    • Syntax
      • COMPACT (to view)
      • COMPACT switches resourcename (to set attributes)
    • Switches
      • /c (to compress resources)
      • /u (to uncompress resources)
  • 6. File Encryption
    • Encrypting File System (EFS) uses public key cryptography to encrypt files and folders
    • Only on NTFS file systems
    • Transparent to user
    • Implemented using 2 main types of keys
      • File encryption key (FEK)
        • Session key added to header of encrypted data ( data decryption field )
      • Public key encrypts DDF
  • 7. File Encryption (continued)
    • Main challenge for public key cryptography is when users leave organization
    • Can rename user account
    • Can use data recovery agent
      • FEK also stored in data recovery field (DRF)
      • Encrypted using data recovery agent’s public key
      • Default is administrator, additional recovery agents can be designated
    • Moving or copying files can affect encryption
    • Encrypted files cannot be compressed, vice versa
  • 8. Encrypting Files Using Windows Explorer
    • Objective: Implement and test file encryption security using EFS
    • Configure encryption on a folder and create a file in the folder
    • Try to open the folder and file from another user account and observe results
    • Try to open the folder and file from a domain administrator account and observe results
  • 9. Sharing Encrypted Files
    • In Windows 2000, only user and data recovery agent could access an encrypted file
    • In Windows Server 2003, Advanced Attributes allows sharing with other specific named users
    • Issues:
      • Only for files, not folders
      • Can only share with users, not groups
      • Users must have a certificate on computer
      • Users must have appropriate NTFS permissions
  • 10. Sharing Encrypted Files (continued)
  • 11. Disk Quotas
    • Disk quotas used to monitor and control user disk space
    • Advantages
      • Prevents users from consuming all disk space
      • Encourages users to delete old files
      • Allows monitoring for planning purposes
      • Allows monitoring of individual users
    • Disabled by default
    • Implemented only on NTFS volumes
    • Configured from Properties of a volume
  • 12. Disk Quotas (continued)
  • 13. Disk Quotas (continued)
  • 14. Disk Quotas (continued)
  • 15. Configuring and Managing Disk Quotas
    • Objective: Enable and manage disk quota settings
    • Enable quota management
    • Configure “soft” disk quota settings
    • Observe results
    • Set up a warning situation and observe results
  • 16. Managing Disk Quotas from the Command Line
    • FSUTIL QUOTA command-line utility can be used to manage disk quotas
      • Can enable/disable, modify, display, track, report
      • Example (to enable disk quotas on drive E)
        • fsutil quota enforce e:
      • Events written to System log (displayed in Event Viewer) every hour by default
        • fsutil behavior command can change the interval
    • Help available for fsutil quota and fsutil behavior commands in Help and Support Center
  • 17. Managing Disk Quotas from the Command Line (continued)