Successfully reported this slideshow.
Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management
Objectives <ul><li>Understand and configure file and folder attributes </li></ul><ul><li>Understand and configure advanced...
File and Folder Attributes <ul><li>Used since MS-DOS operating system </li></ul><ul><li>Attributes describe files, folders...
Read-only <ul><li>Designates that the contents of a file cannot be changed and file cannot be deleted </li></ul><ul><li>Av...
Read-only (continued)
Archive <ul><li>Marks which files and folders have been recently changed or created </li></ul><ul><li>Recently modified fi...
System <ul><li>Originally designed to identify O.S. in MS-DOS </li></ul><ul><li>In Windows Server 2003 </li></ul><ul><ul><...
Hidden <ul><li>Used to make files and folders less visible to users from Windows Explorer and command-line </li></ul><ul><...
Hidden (continued) <ul><li>Visibility can be configured from View tab of Folder Options from Tools in Windows Explorer </l...
Hidden (continued)
Activity 7-1: Viewing and Configuring File and Folder Attributes Using Windows Explorer <ul><li>Objective: Use Windows Exp...
The ATTRIB Command <ul><li>A command-line utility used to view, add or remove the four attributes of files and folders </l...
Activity 7-2: Changing File Attributes Using the ATTRIB Command <ul><li>Objective: View and change file attributes from th...
Advanced Attributes <ul><li>Advanced attributes found on NTFS partitions or volumes </li></ul><ul><li>Archive and Index at...
Advanced Attributes (continued)
File Compression <ul><li>Reduces amount of disk space needed for files and folders </li></ul><ul><li>Automatically uncompr...
Activity 7-3: Configuring Folder Compression Settings <ul><li>Objective: Configure a folder to compress its contents </li>...
Activity 7-3: (continued)
COMPACT <ul><li>Used with NTFS file system only </li></ul><ul><li>Command-line utility for configuring the compression att...
File Encryption <ul><li>Encrypting File System (EFS)  uses public key cryptography to encrypt files and folders </li></ul>...
File Encryption (continued) <ul><li>Main challenge for public key cryptography is when users leave organization </li></ul>...
Activity 7-4: Encrypting Files Using Windows Explorer <ul><li>Objective: Implement and test file encryption security using...
Sharing Encrypted Files <ul><li>In Windows 2000, only user and data recovery agent could access an encrypted file </li></u...
Sharing Encrypted Files (continued)
The CIPHER Command <ul><li>Command-line utility for file and folder encryption </li></ul><ul><ul><li>Used by administrator...
The CIPHER Command (continued)
The CIPHER Command (continued) <ul><li>Switches </li></ul><ul><ul><li>/e (to encrypt a folder) </li></ul></ul><ul><ul><li>...
Activity 7-5: Encrypting Files Using the CIPHER Utility <ul><li>Objective: To encrypt and decrypt files using CIPHER </li>...
Disk Quotas <ul><li>Disk quotas used to monitor and control user disk space </li></ul><ul><li>Advantages </li></ul><ul><ul...
Disk Quotas (continued)
Disk Quotas (continued)
Disk Quotas (continued)
Activity 7-6: Configuring and Managing Disk Quotas <ul><li>Objective: Enable and manage disk quota settings </li></ul><ul>...
Managing Disk Quotas from the Command Line <ul><li>FSUTIL QUOTA command-line utility can be used to manage disk quotas </l...
Managing Disk Quotas from the Command Line (continued)
Distributed File System <ul><li>Makes it appear that multiple shared-file resources are stored in a single hierarchical st...
Distributed File System (continued)
DFS Models <ul><li>Two models: </li></ul><ul><ul><li>Standalone DFS model (more limited capabilities) </li></ul></ul><ul><...
DFS Models (continued) <ul><li>Hierarchical structure is called DFS topology or logical structure, three elements to struc...
Activity 7-7: Implementing Domain-Based DFS and Creating Links <ul><li>Objective: to create a new domain-based DFS root an...
Managing DFS <ul><li>Tasks involved in managing DFS system </li></ul><ul><ul><li>Deleting a DFS root </li></ul></ul><ul><u...
Managing DFS (continued) <ul><li>DFS element status is indicated with colored icons </li></ul>
Summary <ul><li>File and folder attributes are: </li></ul><ul><ul><li>Read-only (can a resource be modified or deleted) </...
Summary (continued) <ul><li>Advanced attributes on NTFS partitions or volumes include: </li></ul><ul><ul><li>Archiving (sp...
Summary (continued) <ul><li>Disk quotas allow management of disk space usage by individual users </li></ul><ul><ul><li>Man...
Upcoming SlideShare
Loading in …5
×

Chapter07 Advanced File System Management

4,861 views

Published on

Published in: Technology
  • Be the first to comment

Chapter07 Advanced File System Management

  1. 1. Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management
  2. 2. Objectives <ul><li>Understand and configure file and folder attributes </li></ul><ul><li>Understand and configure advanced file and folder attributes </li></ul><ul><li>Implement and manage disk quotas </li></ul><ul><li>Understand and implement the Distributed File System </li></ul>
  3. 3. File and Folder Attributes <ul><li>Used since MS-DOS operating system </li></ul><ul><li>Attributes describe files, folders, and their characteristics </li></ul><ul><li>Applicable utilities include graphical tools and the ATTRIB command </li></ul><ul><li>Four standard file and folder attributes </li></ul><ul><ul><li>Read-only </li></ul></ul><ul><ul><li>Archive </li></ul></ul><ul><ul><li>System </li></ul></ul><ul><ul><li>hidden </li></ul></ul>
  4. 4. Read-only <ul><li>Designates that the contents of a file cannot be changed and file cannot be deleted </li></ul><ul><li>Available in all file systems (FAT, FAT32, NTFS partitions and volumes) </li></ul><ul><ul><li>FAT, FAT32 attributes can be changed by any user </li></ul></ul><ul><ul><li>NTFS attribute can only be changed by a user with appropriate permissions </li></ul></ul><ul><li>Can be configured for a file or folder </li></ul><ul><ul><li>For folders, attribute pertains to the files it contains, not the folder itself </li></ul></ul>
  5. 5. Read-only (continued)
  6. 6. Archive <ul><li>Marks which files and folders have been recently changed or created </li></ul><ul><li>Recently modified files are marked as ready for archiving </li></ul><ul><li>Important for backup </li></ul><ul><li>Backup methods update the status of the archive attribute </li></ul><ul><li>Viewing the attribute is done using Windows Explorer or command-line utilities (e.g., DIR, ATTRIB) </li></ul>
  7. 7. System <ul><li>Originally designed to identify O.S. in MS-DOS </li></ul><ul><li>In Windows Server 2003 </li></ul><ul><ul><li>Used in conjunction with hidden attribute </li></ul></ul><ul><ul><li>When system and hidden both true, file or folder is “super hidden” (not displayed in Windows Explorer interface) </li></ul></ul><ul><ul><li>Treated as “protected operating system files” with specific alternate display options </li></ul></ul><ul><ul><li>Can only be manipulated using ATTRIB command </li></ul></ul>
  8. 8. Hidden <ul><li>Used to make files and folders less visible to users from Windows Explorer and command-line </li></ul><ul><li>Default configuration in Windows Server 2003 displays hidden files as semi-transparent icons unless in conjunction with system attribute </li></ul><ul><li>Hidden attribute can be configured from General tab of Properties </li></ul>
  9. 9. Hidden (continued) <ul><li>Visibility can be configured from View tab of Folder Options from Tools in Windows Explorer </li></ul><ul><ul><li>Show hidden file and folders </li></ul></ul><ul><ul><ul><li>Hidden files and folders appear in Windows Explorer as semi-transparent icons </li></ul></ul></ul><ul><ul><li>Do not show hidden files and folders </li></ul></ul><ul><ul><ul><li>Files with set hidden attributes do not appear in Windows Explorer </li></ul></ul></ul><ul><ul><li>Hide protected operating system files </li></ul></ul><ul><ul><ul><li>All files with both hidden and system attributes set are hidden in Windows Explorer when set </li></ul></ul></ul>
  10. 10. Hidden (continued)
  11. 11. Activity 7-1: Viewing and Configuring File and Folder Attributes Using Windows Explorer <ul><li>Objective: Use Windows Explorer to view and configure file and folder attributes </li></ul><ul><li>Use Windows Explorer to view sets of files and folders that are visible by default </li></ul><ul><li>Reconfigure View settings </li></ul><ul><li>Observe results of configurations </li></ul>
  12. 12. The ATTRIB Command <ul><li>A command-line utility used to view, add or remove the four attributes of files and folders </li></ul><ul><li>Only way to configure system attribute </li></ul><ul><li>Supports wildcards (*) allowing multiple files or folders to be changed simultaneously </li></ul><ul><li>Syntax </li></ul><ul><ul><li>View: attrib filename </li></ul></ul><ul><ul><li>Set: attrib + attribute filename </li></ul></ul><ul><ul><li>Remove: attrib – attribute filename </li></ul></ul>
  13. 13. Activity 7-2: Changing File Attributes Using the ATTRIB Command <ul><li>Objective: View and change file attributes from the command line </li></ul><ul><li>Create a new folder and files </li></ul><ul><li>Observe attributes </li></ul><ul><li>Change attributes using ATTRIB </li></ul><ul><li>Observe changes </li></ul><ul><li>Hide protected files </li></ul><ul><li>Observe changes </li></ul>
  14. 14. Advanced Attributes <ul><li>Advanced attributes found on NTFS partitions or volumes </li></ul><ul><li>Archive and Index attributes </li></ul><ul><ul><li>File is ready for archiving </li></ul></ul><ul><ul><li>Indexing service </li></ul></ul><ul><li>Compress or Encrypt </li></ul><ul><ul><li>Compress contents to save disk space </li></ul></ul><ul><ul><li>Encrypt contents to secure data </li></ul></ul>
  15. 15. Advanced Attributes (continued)
  16. 16. File Compression <ul><li>Reduces amount of disk space needed for files and folders </li></ul><ul><li>Automatically uncompressed when the resource is accessed </li></ul><ul><li>Compressed resources displayed in different color in Windows Explorer (blue by default) </li></ul><ul><li>Moving and copying resources can affect compression </li></ul>
  17. 17. Activity 7-3: Configuring Folder Compression Settings <ul><li>Objective: Configure a folder to compress its contents </li></ul><ul><li>Create a folder, copy a file into it </li></ul><ul><li>Set the compression attribute on the folder to compress itself and its contents </li></ul><ul><li>Note the appearance of the folder and verify compression of contents </li></ul>
  18. 18. Activity 7-3: (continued)
  19. 19. COMPACT <ul><li>Used with NTFS file system only </li></ul><ul><li>Command-line utility for configuring the compression attribute </li></ul><ul><li>Syntax </li></ul><ul><ul><li>COMPACT (to view) </li></ul></ul><ul><ul><li>COMPACT switches resourcename (to set attributes) </li></ul></ul><ul><li>Switches </li></ul><ul><ul><li>/c (to compress resources) </li></ul></ul><ul><ul><li>/u (to uncompress resources) </li></ul></ul>
  20. 20. File Encryption <ul><li>Encrypting File System (EFS) uses public key cryptography to encrypt files and folders </li></ul><ul><li>Only on NTFS file systems </li></ul><ul><li>Transparent to user </li></ul><ul><li>Implemented using 2 main types of keys </li></ul><ul><ul><li>File encryption key (FEK) </li></ul></ul><ul><ul><ul><li>Session key added to header of encrypted data ( data decryption field ) </li></ul></ul></ul><ul><ul><li>Public key encrypts DDF </li></ul></ul>
  21. 21. File Encryption (continued) <ul><li>Main challenge for public key cryptography is when users leave organization </li></ul><ul><li>Can rename user account </li></ul><ul><li>Can use data recovery agent </li></ul><ul><ul><li>FEK also stored in data recovery field (DRF) </li></ul></ul><ul><ul><li>Encrypted using data recovery agent’s public key </li></ul></ul><ul><ul><li>Default is administrator, additional recovery agents can be designated </li></ul></ul><ul><li>Moving or copying files can affect encryption </li></ul><ul><li>Encrypted files cannot be compressed, vice versa </li></ul>
  22. 22. Activity 7-4: Encrypting Files Using Windows Explorer <ul><li>Objective: Implement and test file encryption security using EFS </li></ul><ul><li>Configure encryption on a folder and create a file in the folder </li></ul><ul><li>Try to open the folder and file from another user account and observe results </li></ul><ul><li>Try to open the folder and file from a domain administrator account and observe results </li></ul>
  23. 23. Sharing Encrypted Files <ul><li>In Windows 2000, only user and data recovery agent could access an encrypted file </li></ul><ul><li>In Windows Server 2003, Advanced Attributes allows sharing with other specific named users </li></ul><ul><li>Issues: </li></ul><ul><ul><li>Only for files, not folders </li></ul></ul><ul><ul><li>Can only share with users, not groups </li></ul></ul><ul><ul><li>Users must have a certificate on computer </li></ul></ul><ul><ul><li>Users must have appropriate NTFS permissions </li></ul></ul>
  24. 24. Sharing Encrypted Files (continued)
  25. 25. The CIPHER Command <ul><li>Command-line utility for file and folder encryption </li></ul><ul><ul><li>Used by administrator </li></ul></ul><ul><ul><li>NTFS partitions and volumes only </li></ul></ul><ul><li>Syntax </li></ul><ul><ul><li>CIPHER (to view) </li></ul></ul><ul><ul><li>CIPHER switches resourcename (to set attributes) </li></ul></ul>
  26. 26. The CIPHER Command (continued)
  27. 27. The CIPHER Command (continued) <ul><li>Switches </li></ul><ul><ul><li>/e (to encrypt a folder) </li></ul></ul><ul><ul><li>/d (to decrypt a folder) </li></ul></ul><ul><ul><li>/a (to apply other switches to a file rather than a folder) </li></ul></ul><ul><li>Cannot encrypt files which have their read-only attribute set </li></ul><ul><li>Can use the wildcard character (*) </li></ul>
  28. 28. Activity 7-5: Encrypting Files Using the CIPHER Utility <ul><li>Objective: To encrypt and decrypt files using CIPHER </li></ul><ul><li>Create a new folder and files </li></ul><ul><li>Encrypt a single file and observe the results </li></ul><ul><li>Encrypt files using the wildcard character and observe results </li></ul>
  29. 29. Disk Quotas <ul><li>Disk quotas used to monitor and control user disk space </li></ul><ul><li>Advantages </li></ul><ul><ul><li>Prevents users from consuming all disk space </li></ul></ul><ul><ul><li>Encourages users to delete old files </li></ul></ul><ul><ul><li>Allows monitoring for planning purposes </li></ul></ul><ul><ul><li>Allows monitoring of individual users </li></ul></ul><ul><li>Disabled by default </li></ul><ul><li>Implemented only on NTFS volumes </li></ul><ul><li>Configured from Properties of a volume </li></ul>
  30. 30. Disk Quotas (continued)
  31. 31. Disk Quotas (continued)
  32. 32. Disk Quotas (continued)
  33. 33. Activity 7-6: Configuring and Managing Disk Quotas <ul><li>Objective: Enable and manage disk quota settings </li></ul><ul><li>Enable quota management </li></ul><ul><li>Configure “soft” disk quota settings </li></ul><ul><li>Observe results </li></ul><ul><li>Set up a warning situation and observe results </li></ul>
  34. 34. Managing Disk Quotas from the Command Line <ul><li>FSUTIL QUOTA command-line utility can be used to manage disk quotas </li></ul><ul><ul><li>Can enable/disable, modify, display, track, report </li></ul></ul><ul><ul><li>Example (to enable disk quotas on drive E) </li></ul></ul><ul><ul><ul><li>fsutil quota enforce e: </li></ul></ul></ul><ul><ul><li>Events written to System log (displayed in Event Viewer) every hour by default </li></ul></ul><ul><ul><ul><li>fsutil behavior command can change the interval </li></ul></ul></ul><ul><li>Help available for fsutil quota and fsutil behavior commands in Help and Support Center </li></ul>
  35. 35. Managing Disk Quotas from the Command Line (continued)
  36. 36. Distributed File System <ul><li>Makes it appear that multiple shared-file resources are stored in a single hierarchical structure </li></ul><ul><li>Users do not have to know which server a shared folder resides on </li></ul><ul><li>Configured using the Distributed File System console in Administrative Tools menu </li></ul><ul><li>Tree structure (root and DFS links) </li></ul>
  37. 37. Distributed File System (continued)
  38. 38. DFS Models <ul><li>Two models: </li></ul><ul><ul><li>Standalone DFS model (more limited capabilities) </li></ul></ul><ul><ul><li>Domain-based DFS model </li></ul></ul>
  39. 39. DFS Models (continued) <ul><li>Hierarchical structure is called DFS topology or logical structure, three elements to structure </li></ul><ul><ul><li>The DFS root </li></ul></ul><ul><ul><ul><li>Main container on host server </li></ul></ul></ul><ul><ul><li>The DFS links </li></ul></ul><ul><ul><ul><li>Pointers to physical location of shared folders </li></ul></ul></ul><ul><ul><li>Servers on which the DFS shared folders are replicated as replica sets </li></ul></ul><ul><ul><ul><li>Replica set is set of shared folders that is replicated across multiple servers </li></ul></ul></ul>
  40. 40. Activity 7-7: Implementing Domain-Based DFS and Creating Links <ul><li>Objective: to create a new domain-based DFS root and add DFS links </li></ul><ul><li>Use New Root Wizard from Distributed File System utility to set up a root </li></ul><ul><li>Add links to other folders </li></ul><ul><li>Verify DFS structure </li></ul>
  41. 41. Managing DFS <ul><li>Tasks involved in managing DFS system </li></ul><ul><ul><li>Deleting a DFS root </li></ul></ul><ul><ul><li>Removing a DFS link </li></ul></ul><ul><ul><li>Adding root and link replica sets </li></ul></ul><ul><ul><li>Checking the status of a root or link </li></ul></ul><ul><li>Replication capability provides fault tolerance and load balancing </li></ul><ul><li>DFS replication options and topologies managed from Configure Replication wizard </li></ul>
  42. 42. Managing DFS (continued) <ul><li>DFS element status is indicated with colored icons </li></ul>
  43. 43. Summary <ul><li>File and folder attributes are: </li></ul><ul><ul><li>Read-only (can a resource be modified or deleted) </li></ul></ul><ul><ul><li>Archive (has a resource recently been changed) </li></ul></ul><ul><ul><li>System (does resource have specific display requirements, especially in conjunction with Hidden) </li></ul></ul><ul><ul><li>Hidden (should the resource appear normally in Windows Explorer) </li></ul></ul><ul><li>File and folder attributes can be set through graphical tools or the ATTRIB command-line utility </li></ul>
  44. 44. Summary (continued) <ul><li>Advanced attributes on NTFS partitions or volumes include: </li></ul><ul><ul><li>Archiving (specifies whether to back up file) </li></ul></ul><ul><ul><li>Indexing (makes resource searchable) </li></ul></ul><ul><ul><li>Compression (saves disk space) </li></ul></ul><ul><ul><li>Encryption (makes resources accessible only to those holding keys) </li></ul></ul><ul><li>Command-line utilities for advanced attributes include: </li></ul><ul><ul><li>COMPACT </li></ul></ul><ul><ul><li>CIPHER </li></ul></ul>
  45. 45. Summary (continued) <ul><li>Disk quotas allow management of disk space usage by individual users </li></ul><ul><ul><li>Managed from the Properties of a volume or using the FSUTIL command-line utility </li></ul></ul><ul><li>Distributed File System allows management of shared-file resources </li></ul><ul><ul><li>Appear as a single hierarchical structure </li></ul></ul><ul><ul><li>Can be physically located on different servers </li></ul></ul><ul><ul><li>2 DFS models: standalone and domain-based </li></ul></ul>

×