slide1
Download
Skip this Video
Download Presentation
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management

Loading in 2 Seconds...

play fullscreen
1 / 45

Advanced File System Management - PowerPoint PPT Presentation


  • 391 Views
  • Uploaded on

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management Objectives Understand and configure file and folder attributes Understand and configure advanced file and folder attributes Implement and manage disk quotas

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Advanced File System Management' - bernad


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 EnvironmentChapter 7:Advanced File System Management

objectives
Objectives
  • Understand and configure file and folder attributes
  • Understand and configure advanced file and folder attributes
  • Implement and manage disk quotas
  • Understand and implement the Distributed File System

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

file and folder attributes
File and Folder Attributes
  • Used since MS-DOS operating system
  • Attributes describe files, folders, and their characteristics
  • Applicable utilities include graphical tools and the ATTRIB command
  • Four standard file and folder attributes
    • Read-only
    • Archive
    • System
    • hidden

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

read only
Read-only
  • Designates that the contents of a file cannot be changed and file cannot be deleted
  • Available in all file systems (FAT, FAT32, NTFS partitions and volumes)
    • FAT, FAT32 attributes can be changed by any user
    • NTFS attribute can only be changed by a user with appropriate permissions
  • Can be configured for a file or folder
    • For folders, attribute pertains to the files it contains, not the folder itself

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

read only continued
Read-only (continued)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

archive
Archive
  • Marks which files and folders have been recently changed or created
  • Recently modified files are marked as ready for archiving
  • Important for backup
  • Backup methods update the status of the archive attribute
  • Viewing the attribute is done using Windows Explorer or command-line utilities (e.g., DIR, ATTRIB)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

system
System
  • Originally designed to identify O.S. in MS-DOS
  • In Windows Server 2003
    • Used in conjunction with hidden attribute
    • When system and hidden both true, file or folder is “super hidden” (not displayed in Windows Explorer interface)
    • Treated as “protected operating system files” with specific alternate display options
    • Can only be manipulated using ATTRIB command

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

hidden
Hidden
  • Used to make files and folders less visible to users from Windows Explorer and command-line
  • Default configuration in Windows Server 2003 displays hidden files as semi-transparent icons unless in conjunction with system attribute
  • Hidden attribute can be configured from General tab of Properties

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

hidden continued
Hidden (continued)
  • Visibility can be configured from View tab of Folder Options from Tools in Windows Explorer
    • Show hidden file and folders
      • Hidden files and folders appear in Windows Explorer as semi-transparent icons
    • Do not show hidden files and folders
      • Files with set hidden attributes do not appear in Windows Explorer
    • Hide protected operating system files
      • All files with both hidden and system attributes set are hidden in Windows Explorer when set

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

hidden continued10
Hidden (continued)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

activity 7 1 viewing and configuring file and folder attributes using windows explorer
Activity 7-1: Viewing and Configuring File and Folder Attributes Using Windows Explorer
  • Objective: Use Windows Explorer to view and configure file and folder attributes
  • Use Windows Explorer to view sets of files and folders that are visible by default
  • Reconfigure View settings
  • Observe results of configurations

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

the attrib command
The ATTRIB Command
  • A command-line utility used to view, add or remove the four attributes of files and folders
  • Only way to configure system attribute
  • Supports wildcards (*) allowing multiple files or folders to be changed simultaneously
  • Syntax
    • View: attrib filename
    • Set: attrib +attributefilename
    • Remove: attrib –attributefilename

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

activity 7 2 changing file attributes using the attrib command
Activity 7-2: Changing File Attributes Using the ATTRIB Command
  • Objective: View and change file attributes from the command line
  • Create a new folder and files
  • Observe attributes
  • Change attributes using ATTRIB
  • Observe changes
  • Hide protected files
  • Observe changes

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

advanced attributes
Advanced Attributes
  • Advanced attributes found on NTFS partitions or volumes
  • Archive and Index attributes
    • File is ready for archiving
    • Indexing service
  • Compress or Encrypt
    • Compress contents to save disk space
    • Encrypt contents to secure data

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

advanced attributes continued
Advanced Attributes (continued)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

file compression
File Compression
  • Reduces amount of disk space needed for files and folders
  • Automatically uncompressed when the resource is accessed
  • Compressed resources displayed in different color in Windows Explorer (blue by default)
  • Moving and copying resources can affect compression

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

activity 7 3 configuring folder compression settings
Activity 7-3: Configuring Folder Compression Settings
  • Objective: Configure a folder to compress its contents
  • Create a folder, copy a file into it
  • Set the compression attribute on the folder to compress itself and its contents
  • Note the appearance of the folder and verify compression of contents

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

activity 7 3 continued
Activity 7-3: (continued)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

compact
COMPACT
  • Used with NTFS file system only
  • Command-line utility for configuring the compression attribute
  • Syntax
    • COMPACT(to view)
    • COMPACT switchesresourcename (to set attributes)
  • Switches
    • /c (to compress resources)
    • /u (to uncompress resources)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

file encryption
File Encryption
  • Encrypting File System (EFS) uses public key cryptography to encrypt files and folders
  • Only on NTFS file systems
  • Transparent to user
  • Implemented using 2 main types of keys
    • File encryption key (FEK)
      • Session key added to header of encrypted data (data decryption field)
    • Public key encrypts DDF

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

file encryption continued
File Encryption (continued)
  • Main challenge for public key cryptography is when users leave organization
  • Can rename user account
  • Can use data recovery agent
    • FEK also stored in data recovery field (DRF)
    • Encrypted using data recovery agent’s public key
    • Default is administrator, additional recovery agents can be designated
  • Moving or copying files can affect encryption
  • Encrypted files cannot be compressed, vice versa

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

activity 7 4 encrypting files using windows explorer
Activity 7-4: Encrypting Files Using Windows Explorer
  • Objective: Implement and test file encryption security using EFS
  • Configure encryption on a folder and create a file in the folder
  • Try to open the folder and file from another user account and observe results
  • Try to open the folder and file from a domain administrator account and observe results

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

sharing encrypted files
Sharing Encrypted Files
  • In Windows 2000, only user and data recovery agent could access an encrypted file
  • In Windows Server 2003, Advanced Attributes allows sharing with other specific named users
  • Issues:
    • Only for files, not folders
    • Can only share with users, not groups
    • Users must have a certificate on computer
    • Users must have appropriate NTFS permissions

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

sharing encrypted files continued
Sharing Encrypted Files (continued)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

the cipher command
The CIPHER Command
  • Command-line utility for file and folder encryption
    • Used by administrator
    • NTFS partitions and volumes only
  • Syntax
    • CIPHER(to view)
    • CIPHER switchesresourcename (to set attributes)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

the cipher command continued
The CIPHER Command (continued)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

the cipher command continued27
The CIPHER Command (continued)
  • Switches
    • /e (to encrypt a folder)
    • /d (to decrypt a folder)
    • /a (to apply other switches to a file rather than a folder)
  • Cannot encrypt files which have their read-only attribute set
  • Can use the wildcard character (*)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

activity 7 5 encrypting files using the cipher utility
Activity 7-5: Encrypting Files Using the CIPHER Utility
  • Objective: To encrypt and decrypt files using CIPHER
  • Create a new folder and files
  • Encrypt a single file and observe the results
  • Encrypt files using the wildcard character and observe results

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

disk quotas
Disk Quotas
  • Disk quotas used to monitor and control user disk space
  • Advantages
    • Prevents users from consuming all disk space
    • Encourages users to delete old files
    • Allows monitoring for planning purposes
    • Allows monitoring of individual users
  • Disabled by default
  • Implemented only on NTFS volumes
  • Configured from Properties of a volume

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

disk quotas continued
Disk Quotas (continued)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

disk quotas continued31
Disk Quotas (continued)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

disk quotas continued32
Disk Quotas (continued)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

activity 7 6 configuring and managing disk quotas
Activity 7-6: Configuring and Managing Disk Quotas
  • Objective: Enable and manage disk quota settings
  • Enable quota management
  • Configure “soft” disk quota settings
  • Observe results
  • Set up a warning situation and observe results

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

managing disk quotas from the command line
Managing Disk Quotas from the Command Line
  • FSUTIL QUOTA command-line utility can be used to manage disk quotas
    • Can enable/disable, modify, display, track, report
    • Example (to enable disk quotas on drive E)
      • fsutil quota enforce e:
    • Events written to System log (displayed in Event Viewer) every hour by default
      • fsutil behavior command can change the interval
  • Help available for fsutil quota and fsutil behavior commands in Help and Support Center

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

managing disk quotas from the command line continued
Managing Disk Quotas from the Command Line (continued)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

distributed file system
Distributed File System
  • Makes it appear that multiple shared-file resources are stored in a single hierarchical structure
  • Users do not have to know which server a shared folder resides on
  • Configured using the Distributed File System console in Administrative Tools menu
  • Tree structure (root and DFS links)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

distributed file system continued
Distributed File System (continued)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

dfs models
DFS Models
  • Two models:
    • Standalone DFS model (more limited capabilities)
    • Domain-based DFS model

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

dfs models continued
DFS Models (continued)
  • Hierarchical structure is called DFS topology or logical structure, three elements to structure
    • The DFS root
      • Main container on host server
    • The DFS links
      • Pointers to physical location of shared folders
    • Servers on which the DFS shared folders are replicated as replica sets
      • Replica set is set of shared folders that is replicated across multiple servers

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

activity 7 7 implementing domain based dfs and creating links
Activity 7-7: Implementing Domain-Based DFS and Creating Links
  • Objective: to create a new domain-based DFS root and add DFS links
  • Use New Root Wizard from Distributed File System utility to set up a root
  • Add links to other folders
  • Verify DFS structure

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

managing dfs
Managing DFS
  • Tasks involved in managing DFS system
    • Deleting a DFS root
    • Removing a DFS link
    • Adding root and link replica sets
    • Checking the status of a root or link
  • Replication capability provides fault tolerance and load balancing
  • DFS replication options and topologies managed from Configure Replication wizard

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

managing dfs continued
Managing DFS (continued)
  • DFS element status is indicated with colored icons

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

summary
Summary
  • File and folder attributes are:
    • Read-only (can a resource be modified or deleted)
    • Archive (has a resource recently been changed)
    • System (does resource have specific display requirements, especially in conjunction with Hidden)
    • Hidden (should the resource appear normally in Windows Explorer)
  • File and folder attributes can be set through graphical tools or the ATTRIB command-line utility

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

summary continued
Summary (continued)
  • Advanced attributes on NTFS partitions or volumes include:
    • Archiving (specifies whether to back up file)
    • Indexing (makes resource searchable)
    • Compression (saves disk space)
    • Encryption (makes resources accessible only to those holding keys)
  • Command-line utilities for advanced attributes include:
    • COMPACT
    • CIPHER

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

summary continued45
Summary (continued)
  • Disk quotas allow management of disk space usage by individual users
    • Managed from the Properties of a volume or using the FSUTIL command-line utility
  • Distributed File System allows management of shared-file resources
    • Appear as a single hierarchical structure
    • Can be physically located on different servers
    • 2 DFS models: standalone and domain-based

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment

ad