200 likes | 387 Views
Objectives. Discuss File Services in Windows Server 2008 Install the Distributed File System in Windows Server 2008 Discuss and create shared file resources in Windows Server 2008 Encrypting File Services. Introduction to File Services.
E N D
Objectives • Discuss File Services in Windows Server 2008 • Install the Distributed File System in Windows Server 2008 • Discuss and create shared file resources in Windows Server 2008 • Encrypting File Services
Introduction to File Services • Functions of the Windows Server 2008 File Services role • File Server • Distributed File System • File Server Resource Manager • Services for Network File System • Windows Server 2003 File Services
File and Folder Sharing • Sharing creates • A network access point for clients to access data across the network • Clients use • Server Message Block (SMB) connections to access shared resources
Public and Standard Sharing • Public folder sharing • Allows users to share files with all the users logged on locally or on the network, if that feature is enabled • Public folders are located in the • %systemdrive%\Users\Public directory • Standard file sharing • Makes files and folders accessible from a network location • NTFS • The preferred format in Windows Server 2008 • Shares on FAT32 volumes can only use share permissions
Share Permission • Share-level permissions • Defined at the shared resource level • Allow clients access to a network share • Apply only when a file or folder is being accessed via the network • Do not apply to a user logged into the machine locally
Hidden Shares • Default and administrative shares • Administrative shares can be identified by name because they always end with a dollar sign ($) • Default shares include: • Drive Letter Shares • Admin$ • IPC$ • NETLOGON
NTFS Permission • User-level permissions • Defined at the folder or file level • NTFS • The preferred file system used in Windows networks • Permissions apply anytime a file or folder resource is accessed • Permissions are divided into two types: file permissions and folder permissions
Access Control • Access control lists (ACL) • Used by NTFS to define permissions to resources • Authentication • Token: object attached to a user’s account that validates the user’s identity and privileges • Security identifiers (SIDs): used to make every user, computer, and resource on a network unique
Deploying Shares • File and folder sharing can be implemented through: • Shared Folders console • Computer Management console • Windows Explorer • File Sharing Wizard or Right ClickPropertiesSharing • Net share command • Share and Storage Management console
Offline Files • Allow shared file resources to be available to clients when they are not connected to the network • Caching: defined by administrators at the shared resource level
Encrypting File Services Symmetric encryption Uses a single key and is faster and more efficient than public key encryption Public-Private key pair (asymmetric) encryption Each user has a public key available to everyone and a private key known only to the user EFS in Windows Server 2008 When a user encrypts a file, a symmetric file encryption key (FEK) is generated that EFS uses to encrypt the file User’s public key locked FEK Only user’s private key can unlock FEK EFS only affects accessing file LOCALLY 11
Distributed File System • Distributed File System (DFS) • Set of client and server services that allows companies to deploy their shared file resources as a single file structure • Comprised of two technologies • DFS namespace • Allows you to create an entry point for shared file resources using a naming convention of your choice • Two types of implementations • Domain-based • Stand-alone • DFS replication: Synchronize Data within DFS • Load balancing • Fault Tolerance • Backup centralization
Configuring DFS • Steps for deploying DFS • Install the File Services role and the Distributed File System role services • Create a namespace to act as a central point for access • Add folders to the namespace • Configure the DFS referral order • Create a DFS replication group
Configuring DFS (continued) • Adding servers to DFS namespace • Once added to the DFS namespace • The new server creates the file system hierarchy for the namespace in its DFS root located at c:\DFSRoot • Configuring the DFS referral order • DFS namespaces use a referral order to determine the DFS server that will provide shared resources to client requests
Managing Server 2008 with FSRM • FSRM (File Server Resource Manger) allows administrators to perform various tasks in managing files and disk volumes through the FSRM console, including: • Managing file and disk quotas • Screening files using built-in and custom templates • Block specific types of files from being stored in Windows Server 2008 file directories • Creating reports on storage resources • Forecast space needs and plan for deploying additional storage