chapter07 advanced file system management
TRANSCRIPT
![Page 1: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/1.jpg)
Managing a Microsoft Windows Server 2003 Environment
Chapter 7:Advanced File System
Management
![Page 2: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/2.jpg)
2
Objectives
• Understand and configure file and folder attributes• Understand and configure advanced file and folder
attributes• Implement and manage disk quotas• Understand and implement the Distributed File
System
![Page 3: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/3.jpg)
3
File and Folder Attributes• Used since MS-DOS operating system• Attributes describe files, folders, and their
characteristics• Applicable utilities include graphical tools and the
ATTRIB command• Four standard file and folder attributes
• Read-only• Archive• System• hidden
![Page 4: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/4.jpg)
4
Read-only• Designates that the contents of a file cannot be
changed and file cannot be deleted• Available in all file systems (FAT, FAT32, NTFS
partitions and volumes)• FAT, FAT32 attributes can be changed by any user• NTFS attribute can only be changed by a user with
appropriate permissions
• Can be configured for a file or folder• For folders, attribute pertains to the files it contains, not
the folder itself
![Page 5: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/5.jpg)
5
Read-only (continued)
![Page 6: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/6.jpg)
6
Archive• Marks which files and folders have been recently
changed or created• Recently modified files are marked as ready for
archiving• Important for backup• Backup methods update the status of the archive
attribute• Viewing the attribute is done using Windows
Explorer or command-line utilities (e.g., DIR, ATTRIB)
![Page 7: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/7.jpg)
7
System
• Originally designed to identify O.S. in MS-DOS• In Windows Server 2003
• Used in conjunction with hidden attribute
• When system and hidden both true, file or folder is “super hidden” (not displayed in Windows Explorer interface)
• Treated as “protected operating system files” with specific alternate display options
• Can only be manipulated using ATTRIB command
![Page 8: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/8.jpg)
8
Hidden
• Used to make files and folders less visible to users from Windows Explorer and command-line
• Default configuration in Windows Server 2003 displays hidden files as semi-transparent icons unless in conjunction with system attribute
• Hidden attribute can be configured from General tab of Properties
![Page 9: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/9.jpg)
9
Hidden (continued)• Visibility can be configured from View tab of
Folder Options from Tools in Windows Explorer• Show hidden file and folders
• Hidden files and folders appear in Windows Explorer as semi-transparent icons
• Do not show hidden files and folders
• Files with set hidden attributes do not appear in Windows Explorer
• Hide protected operating system files
• All files with both hidden and system attributes set are hidden in Windows Explorer when set
![Page 10: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/10.jpg)
10
Hidden (continued)
![Page 11: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/11.jpg)
11
Activity 7-1: Viewing and Configuring File and Folder
Attributes Using Windows Explorer
• Objective: Use Windows Explorer to view and configure file and folder attributes
• Use Windows Explorer to view sets of files and folders that are visible by default
• Reconfigure View settings• Observe results of configurations
![Page 12: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/12.jpg)
12
The ATTRIB Command
• A command-line utility used to view, add or remove the four attributes of files and folders
• Only way to configure system attribute• Supports wildcards (*) allowing multiple files or
folders to be changed simultaneously• Syntax
• View: attrib filename• Set: attrib +attribute filename• Remove: attrib –attribute filename
![Page 13: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/13.jpg)
13
Activity 7-2: Changing File Attributes Using the ATTRIB
Command• Objective: View and change file attributes from
the command line• Create a new folder and files• Observe attributes• Change attributes using ATTRIB• Observe changes• Hide protected files• Observe changes
![Page 14: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/14.jpg)
14
Advanced Attributes
• Advanced attributes found on NTFS partitions or volumes
• Archive and Index attributes• File is ready for archiving
• Indexing service
• Compress or Encrypt• Compress contents to save disk space
• Encrypt contents to secure data
![Page 15: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/15.jpg)
15
Advanced Attributes (continued)
![Page 16: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/16.jpg)
16
File Compression
• Reduces amount of disk space needed for files and folders
• Automatically uncompressed when the resource is accessed
• Compressed resources displayed in different color in Windows Explorer (blue by default)
• Moving and copying resources can affect compression
![Page 17: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/17.jpg)
17
Activity 7-3: Configuring Folder Compression Settings
• Objective: Configure a folder to compress its contents
• Create a folder, copy a file into it• Set the compression attribute on the folder to
compress itself and its contents• Note the appearance of the folder and verify
compression of contents
![Page 18: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/18.jpg)
18
Activity 7-3: (continued)
![Page 19: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/19.jpg)
19
COMPACT
• Used with NTFS file system only• Command-line utility for configuring the
compression attribute • Syntax
• COMPACT (to view)• COMPACT switches resourcename (to set attributes)
• Switches• /c (to compress resources)• /u (to uncompress resources)
![Page 20: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/20.jpg)
20
File Encryption
• Encrypting File System (EFS) uses public key cryptography to encrypt files and folders
• Only on NTFS file systems• Transparent to user• Implemented using 2 main types of keys
• File encryption key (FEK)
• Session key added to header of encrypted data (data decryption field)
• Public key encrypts DDF
![Page 21: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/21.jpg)
21
File Encryption (continued)• Main challenge for public key cryptography is
when users leave organization• Can rename user account• Can use data recovery agent
• FEK also stored in data recovery field (DRF)• Encrypted using data recovery agent’s public key• Default is administrator, additional recovery agents can
be designated
• Moving or copying files can affect encryption• Encrypted files cannot be compressed, vice versa
![Page 22: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/22.jpg)
22
Activity 7-4: Encrypting Files Using Windows Explorer
• Objective: Implement and test file encryption security using EFS
• Configure encryption on a folder and create a file in the folder
• Try to open the folder and file from another user account and observe results
• Try to open the folder and file from a domain administrator account and observe results
![Page 23: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/23.jpg)
23
Sharing Encrypted Files
• In Windows 2000, only user and data recovery agent could access an encrypted file
• In Windows Server 2003, Advanced Attributes allows sharing with other specific named users
• Issues:• Only for files, not folders
• Can only share with users, not groups
• Users must have a certificate on computer
• Users must have appropriate NTFS permissions
![Page 24: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/24.jpg)
24
Sharing Encrypted Files (continued)
![Page 25: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/25.jpg)
25
The CIPHER Command
• Command-line utility for file and folder encryption• Used by administrator
• NTFS partitions and volumes only
• Syntax• CIPHER (to view)
• CIPHER switches resourcename (to set attributes)
![Page 26: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/26.jpg)
26
The CIPHER Command (continued)
![Page 27: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/27.jpg)
27
The CIPHER Command (continued)
• Switches• /e (to encrypt a folder)
• /d (to decrypt a folder)
• /a (to apply other switches to a file rather than a folder)
• Cannot encrypt files which have their read-only attribute set
• Can use the wildcard character (*)
![Page 28: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/28.jpg)
28
Activity 7-5: Encrypting Files Using the CIPHER Utility
• Objective: To encrypt and decrypt files using CIPHER
• Create a new folder and files• Encrypt a single file and observe the results• Encrypt files using the wildcard character and
observe results
![Page 29: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/29.jpg)
29
Disk Quotas
• Disk quotas used to monitor and control user disk space
• Advantages• Prevents users from consuming all disk space
• Encourages users to delete old files
• Allows monitoring for planning purposes
• Allows monitoring of individual users
• Disabled by default• Implemented only on NTFS volumes• Configured from Properties of a volume
![Page 30: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/30.jpg)
30
Disk Quotas (continued)
![Page 31: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/31.jpg)
31
Disk Quotas (continued)
![Page 32: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/32.jpg)
32
Disk Quotas (continued)
![Page 33: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/33.jpg)
33
Activity 7-6: Configuring and Managing Disk Quotas
• Objective: Enable and manage disk quota settings• Enable quota management• Configure “soft” disk quota settings• Observe results• Set up a warning situation and observe results
![Page 34: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/34.jpg)
34
Managing Disk Quotas from the Command Line
• FSUTIL QUOTA command-line utility can be used to manage disk quotas• Can enable/disable, modify, display, track, report • Example (to enable disk quotas on drive E)
• fsutil quota enforce e:• Events written to System log (displayed in Event
Viewer) every hour by default• fsutil behavior command can change the interval
• Help available for fsutil quota and fsutil behavior commands in Help and Support Center
![Page 35: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/35.jpg)
35
Managing Disk Quotas from the Command Line (continued)
![Page 36: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/36.jpg)
36
Distributed File System
• Makes it appear that multiple shared-file resources are stored in a single hierarchical structure
• Users do not have to know which server a shared folder resides on
• Configured using the Distributed File System console in Administrative Tools menu
• Tree structure (root and DFS links)
![Page 37: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/37.jpg)
37
Distributed File System (continued)
![Page 38: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/38.jpg)
38
DFS Models
• Two models:• Standalone DFS model (more limited capabilities)
• Domain-based DFS model
![Page 39: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/39.jpg)
39
DFS Models (continued)• Hierarchical structure is called DFS topology or
logical structure, three elements to structure• The DFS root
• Main container on host server
• The DFS links
• Pointers to physical location of shared folders
• Servers on which the DFS shared folders are replicated as replica sets
• Replica set is set of shared folders that is replicated across multiple servers
![Page 40: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/40.jpg)
40
Activity 7-7: Implementing Domain-Based DFS and
Creating Links
• Objective: to create a new domain-based DFS root and add DFS links
• Use New Root Wizard from Distributed File System utility to set up a root
• Add links to other folders• Verify DFS structure
![Page 41: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/41.jpg)
41
Managing DFS• Tasks involved in managing DFS system
• Deleting a DFS root
• Removing a DFS link
• Adding root and link replica sets
• Checking the status of a root or link
• Replication capability provides fault tolerance and load balancing
• DFS replication options and topologies managed from Configure Replication wizard
![Page 42: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/42.jpg)
42
Managing DFS (continued)• DFS element status is indicated with colored icons
![Page 43: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/43.jpg)
43
Summary• File and folder attributes are:
• Read-only (can a resource be modified or deleted)
• Archive (has a resource recently been changed)
• System (does resource have specific display requirements, especially in conjunction with Hidden)
• Hidden (should the resource appear normally in Windows Explorer)
• File and folder attributes can be set through graphical tools or the ATTRIB command-line utility
![Page 44: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/44.jpg)
44
Summary (continued)• Advanced attributes on NTFS partitions or
volumes include:• Archiving (specifies whether to back up file)• Indexing (makes resource searchable)• Compression (saves disk space)• Encryption (makes resources accessible only to those
holding keys)
• Command-line utilities for advanced attributes include:• COMPACT• CIPHER
![Page 45: Chapter07 Advanced File System Management](https://reader034.vdocuments.net/reader034/viewer/2022042700/5558956fd8b42aa6708b47af/html5/thumbnails/45.jpg)
45
Summary (continued)• Disk quotas allow management of disk space
usage by individual users• Managed from the Properties of a volume or using the
FSUTIL command-line utility
• Distributed File System allows management of shared-file resources • Appear as a single hierarchical structure
• Can be physically located on different servers
• 2 DFS models: standalone and domain-based