70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced
Download
1 / 45

Objectives - PowerPoint PPT Presentation


  • 115 Views
  • Uploaded on

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 7: Advanced File System Management. Objectives. Understand and configure file and folder attributes Understand and configure advanced file and folder attributes Implement and manage disk quotas

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Objectives' - sine


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, EnhancedChapter 7:Advanced File System Management


Objectives
Objectives 2003 Environment, Enhanced

  • Understand and configure file and folder attributes

  • Understand and configure advanced file and folder attributes

  • Implement and manage disk quotas

  • Understand and implement the Distributed File System

Guide to MCSE 70-290, Enhanced


File and folder attributes
File and Folder Attributes 2003 Environment, Enhanced

  • Used since MS-DOS operating system

  • Attributes describe files, folders, and their characteristics

  • Applicable utilities include graphical tools and the ATTRIB command

  • Four standard file and folder attributes

    • Read-only

    • Archive

    • System

    • hidden

Guide to MCSE 70-290, Enhanced


Read only
Read-only 2003 Environment, Enhanced

  • Designates that the contents of a file cannot be changed and file cannot be deleted

  • Available in all file systems (FAT, FAT32, NTFS partitions and volumes)

    • FAT, FAT32 attributes can be changed by any user

    • NTFS attribute can only be changed by a user with appropriate permissions

  • Can be configured for a file or folder

    • For folders, attribute pertains to the files it contains, not the folder itself

Guide to MCSE 70-290, Enhanced


Read only continued
Read-only (continued) 2003 Environment, Enhanced

Guide to MCSE 70-290, Enhanced


Archive
Archive 2003 Environment, Enhanced

  • Marks which files and folders have been recently changed or created

  • Recently modified files are marked as ready for archiving

  • Important for backup

  • Backup methods update the status of the archive attribute

  • Viewing the attribute is done using Windows Explorer or command-line utilities (e.g., DIR, ATTRIB)

Guide to MCSE 70-290, Enhanced


System
System 2003 Environment, Enhanced

  • Originally designed to identify O.S. in MS-DOS

  • In Windows Server 2003

    • Used in conjunction with hidden attribute

    • When system and hidden both true, file or folder is “super hidden” (not displayed in Windows Explorer interface)

    • Treated as “protected operating system files” with specific alternate display options

    • Can only be manipulated using ATTRIB command

Guide to MCSE 70-290, Enhanced


Hidden
Hidden 2003 Environment, Enhanced

  • Used to make files and folders less visible to users from Windows Explorer and command-line

  • Default configuration in Windows Server 2003 displays hidden files as semi-transparent icons unless in conjunction with system attribute

  • Hidden attribute can be configured from General tab of Properties

Guide to MCSE 70-290, Enhanced


Hidden continued
Hidden (continued) 2003 Environment, Enhanced

  • Visibility can be configured from View tab of Folder Options from Tools in Windows Explorer

    • Show hidden file and folders

      • Hidden files and folders appear in Windows Explorer as semi-transparent icons

    • Do not show hidden files and folders

      • Files with set hidden attributes do not appear in Windows Explorer

    • Hide protected operating system files

      • All files with both hidden and system attributes set are hidden in Windows Explorer when set

Guide to MCSE 70-290, Enhanced


Hidden continued1
Hidden (continued) 2003 Environment, Enhanced

Guide to MCSE 70-290, Enhanced


Activity 7 1 viewing and configuring file and folder attributes using windows explorer
Activity 7-1: Viewing and Configuring File and Folder Attributes Using Windows Explorer

  • Objective: Use Windows Explorer to view and configure file and folder attributes

  • Use Windows Explorer to view sets of files and folders that are visible by default

  • Reconfigure View settings

  • Observe results of configurations

Guide to MCSE 70-290, Enhanced


The attrib command
The ATTRIB Command Attributes Using Windows Explorer

  • A command-line utility used to view, add or remove the four attributes of files and folders

  • Only way to configure system attribute

  • Supports wildcards (*) allowing multiple files or folders to be changed simultaneously

  • Syntax

    • View: attrib filename

    • Set: attrib +attributefilename

    • Remove: attrib –attributefilename

Guide to MCSE 70-290, Enhanced


Activity 7 2 changing file attributes using the attrib command
Activity 7-2: Changing File Attributes Using the ATTRIB Command

  • Objective: View and change file attributes from the command line

  • Create a new folder and files

  • Observe attributes

  • Change attributes using ATTRIB

  • Observe changes

  • Hide protected files

  • Observe changes

Guide to MCSE 70-290, Enhanced


Advanced attributes
Advanced Attributes Command

  • Advanced attributes found on NTFS partitions or volumes

  • Archive and Index attributes

    • File is ready for archiving

    • Indexing service

  • Compress or Encrypt

    • Compress contents to save disk space

    • Encrypt contents to secure data

Guide to MCSE 70-290, Enhanced


Advanced attributes continued
Advanced Attributes (continued) Command

Guide to MCSE 70-290, Enhanced


File compression
File Compression Command

  • Reduces amount of disk space needed for files and folders

  • Automatically uncompressed when the resource is accessed

  • Compressed resources displayed in different color in Windows Explorer (blue by default)

  • Moving and copying resources can affect compression

Guide to MCSE 70-290, Enhanced


Activity 7 3 configuring folder compression settings
Activity 7-3: Configuring Folder Compression Settings Command

  • Objective: Configure a folder to compress its contents

  • Create a folder, copy a file into it

  • Set the compression attribute on the folder to compress itself and its contents

  • Note the appearance of the folder and verify compression of contents

Guide to MCSE 70-290, Enhanced


Activity 7 3 continued
Activity 7-3: (continued) Command

Guide to MCSE 70-290, Enhanced


Compact
COMPACT Command

  • Used with NTFS file system only

  • Command-line utility for configuring the compression attribute

  • Syntax

    • COMPACT(to view)

    • COMPACT switchesresourcename (to set attributes)

  • Switches

    • /c (to compress resources)

    • /u (to uncompress resources)

Guide to MCSE 70-290, Enhanced


File encryption
File Encryption Command

  • Encrypting File System (EFS) uses public key cryptography to encrypt files and folders

  • Only on NTFS file systems

  • Transparent to user

  • Implemented using 2 main types of keys

    • File encryption key (FEK)

      • Session key added to header of encrypted data (data decryption field)

    • Public key encrypts DDF

Guide to MCSE 70-290, Enhanced


File encryption continued
File Encryption (continued) Command

  • Main challenge for public key cryptography is when users leave organization

  • Can rename user account

  • Can use data recovery agent

    • FEK also stored in data recovery field (DRF)

    • Encrypted using data recovery agent’s public key

    • Default is administrator, additional recovery agents can be designated

  • Moving or copying files can affect encryption

  • Encrypted files cannot be compressed, vice versa

Guide to MCSE 70-290, Enhanced


Activity 7 4 encrypting files using windows explorer
Activity 7-4: Encrypting Files Using Windows Explorer Command

  • Objective: Implement and test file encryption security using EFS

  • Configure encryption on a folder and create a file in the folder

  • Try to open the folder and file from another user account and observe results

  • Try to open the folder and file from a domain administrator account and observe results

Guide to MCSE 70-290, Enhanced


Sharing encrypted files
Sharing Encrypted Files Command

  • In Windows 2000, only user and data recovery agent could access an encrypted file

  • In Windows Server 2003, Advanced Attributes allows sharing with other specific named users

  • Issues:

    • Only for files, not folders

    • Can only share with users, not groups

    • Users must have a certificate on computer

    • Users must have appropriate NTFS permissions

Guide to MCSE 70-290, Enhanced


Sharing encrypted files continued
Sharing Encrypted Files (continued) Command

Guide to MCSE 70-290, Enhanced


The cipher command
The CIPHER Command Command

  • Command-line utility for file and folder encryption

    • Used by administrator

    • NTFS partitions and volumes only

  • Syntax

    • CIPHER(to view)

    • CIPHER switchesresourcename (to set attributes)

Guide to MCSE 70-290, Enhanced


The cipher command continued
The CIPHER Command (continued) Command

Guide to MCSE 70-290, Enhanced


The cipher command continued1
The CIPHER Command (continued) Command

  • Switches

    • /e (to encrypt a folder)

    • /d (to decrypt a folder)

    • /a (to apply other switches to a file rather than a folder)

  • Cannot encrypt files which have their read-only attribute set

  • Can use the wildcard character (*)

Guide to MCSE 70-290, Enhanced


Activity 7 5 encrypting files using the cipher utility
Activity 7-5: Encrypting Files Using the CIPHER Utility Command

  • Objective: To encrypt and decrypt files using CIPHER

  • Create a new folder and files

  • Encrypt a single file and observe the results

  • Encrypt files using the wildcard character and observe results

Guide to MCSE 70-290, Enhanced


Disk quotas
Disk Quotas Command

  • Disk quotas used to monitor and control user disk space

  • Advantages

    • Prevents users from consuming all disk space

    • Encourages users to delete old files

    • Allows monitoring for planning purposes

    • Allows monitoring of individual users

  • Disabled by default

  • Implemented only on NTFS volumes

  • Configured from Properties of a volume

Guide to MCSE 70-290, Enhanced


Disk quotas continued
Disk Quotas (continued) Command

Guide to MCSE 70-290, Enhanced


Disk quotas continued1
Disk Quotas (continued) Command

Guide to MCSE 70-290, Enhanced


Disk quotas continued2
Disk Quotas (continued) Command

Guide to MCSE 70-290, Enhanced


Activity 7 6 configuring and managing disk quotas
Activity 7-6: Configuring and Managing Disk Quotas Command

  • Objective: Enable and manage disk quota settings

  • Enable quota management

  • Configure “soft” disk quota settings

  • Observe results

  • Set up a warning situation and observe results

Guide to MCSE 70-290, Enhanced


Managing disk quotas from the command line
Managing Disk Quotas from the Command Line Command

  • FSUTIL QUOTA command-line utility can be used to manage disk quotas

    • Can enable/disable, modify, display, track, report

    • Example (to enable disk quotas on drive E)

      • fsutil quota enforce e:

    • Events written to System log (displayed in Event Viewer) every hour by default

      • fsutil behavior command can change the interval

  • Help available for fsutil quota and fsutil behavior commands in Help and Support Center

Guide to MCSE 70-290, Enhanced


Managing disk quotas from the command line continued
Managing Disk Quotas from the Command Line (continued) Command

Guide to MCSE 70-290, Enhanced


Distributed file system
Distributed File System Command

  • Makes it appear that multiple shared-file resources are stored in a single hierarchical structure

  • Users do not have to know which server a shared folder resides on

  • Configured using the Distributed File System console in Administrative Tools menu

  • Tree structure (root and DFS links)

Guide to MCSE 70-290, Enhanced


Distributed file system continued
Distributed File System (continued) Command

Guide to MCSE 70-290, Enhanced


Dfs models
DFS Models Command

  • Two models:

    • Standalone DFS model (more limited capabilities)

    • Domain-based DFS model

Guide to MCSE 70-290, Enhanced


Dfs models continued
DFS Models (continued) Command

  • Hierarchical structure is called DFS topology or logical structure, three elements to structure

    • The DFS root

      • Main container on host server

    • The DFS links

      • Pointers to physical location of shared folders

    • Servers on which the DFS shared folders are replicated as replica sets

      • Replica set is set of shared folders that is replicated across multiple servers

Guide to MCSE 70-290, Enhanced


Activity 7 7 implementing domain based dfs and creating links
Activity 7-7: Implementing Domain-Based DFS and Creating Links

  • Objective: to create a new domain-based DFS root and add DFS links

  • Use New Root Wizard from Distributed File System utility to set up a root

  • Add links to other folders

  • Verify DFS structure

Guide to MCSE 70-290, Enhanced


Managing dfs
Managing DFS Links

  • Tasks involved in managing DFS system

    • Deleting a DFS root

    • Removing a DFS link

    • Adding root and link replica sets

    • Checking the status of a root or link

  • Replication capability provides fault tolerance and load balancing

  • DFS replication options and topologies managed from Configure Replication wizard

Guide to MCSE 70-290, Enhanced


Managing dfs continued
Managing DFS (continued) Links

  • DFS element status is indicated with colored icons

Guide to MCSE 70-290, Enhanced


Summary
Summary Links

  • File and folder attributes are:

    • Read-only (can a resource be modified or deleted)

    • Archive (has a resource recently been changed)

    • System (does resource have specific display requirements, especially in conjunction with Hidden)

    • Hidden (should the resource appear normally in Windows Explorer)

  • File and folder attributes can be set through graphical tools or the ATTRIB command-line utility

Guide to MCSE 70-290, Enhanced


Summary continued
Summary (continued) Links

  • Advanced attributes on NTFS partitions or volumes include:

    • Archiving (specifies whether to back up file)

    • Indexing (makes resource searchable)

    • Compression (saves disk space)

    • Encryption (makes resources accessible only to those holding keys)

  • Command-line utilities for advanced attributes include:

    • COMPACT

    • CIPHER

Guide to MCSE 70-290, Enhanced


Summary continued1
Summary (continued) Links

  • Disk quotas allow management of disk space usage by individual users

    • Managed from the Properties of a volume or using the FSUTIL command-line utility

  • Distributed File System allows management of shared-file resources

    • Appear as a single hierarchical structure

    • Can be physically located on different servers

    • 2 DFS models: standalone and domain-based

Guide to MCSE 70-290, Enhanced


ad