1 / 45

Objectives

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 7: Advanced File System Management. Objectives. Understand and configure file and folder attributes Understand and configure advanced file and folder attributes Implement and manage disk quotas

trilby
Download Presentation

Objectives

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. 70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, EnhancedChapter 7:Advanced File System Management

  2. Objectives • Understand and configure file and folder attributes • Understand and configure advanced file and folder attributes • Implement and manage disk quotas • Understand and implement the Distributed File System Guide to MCSE 70-290, Enhanced

  3. File and Folder Attributes • Used since MS-DOS operating system • Attributes describe files, folders, and their characteristics • Applicable utilities include graphical tools and the ATTRIB command • Four standard file and folder attributes • Read-only • Archive • System • hidden Guide to MCSE 70-290, Enhanced

  4. Read-only • Designates that the contents of a file cannot be changed and file cannot be deleted • Available in all file systems (FAT, FAT32, NTFS partitions and volumes) • FAT, FAT32 attributes can be changed by any user • NTFS attribute can only be changed by a user with appropriate permissions • Can be configured for a file or folder • For folders, attribute pertains to the files it contains, not the folder itself Guide to MCSE 70-290, Enhanced

  5. Read-only (continued) Guide to MCSE 70-290, Enhanced

  6. Archive • Marks which files and folders have been recently changed or created • Recently modified files are marked as ready for archiving • Important for backup • Backup methods update the status of the archive attribute • Viewing the attribute is done using Windows Explorer or command-line utilities (e.g., DIR, ATTRIB) Guide to MCSE 70-290, Enhanced

  7. System • Originally designed to identify O.S. in MS-DOS • In Windows Server 2003 • Used in conjunction with hidden attribute • When system and hidden both true, file or folder is “super hidden” (not displayed in Windows Explorer interface) • Treated as “protected operating system files” with specific alternate display options • Can only be manipulated using ATTRIB command Guide to MCSE 70-290, Enhanced

  8. Hidden • Used to make files and folders less visible to users from Windows Explorer and command-line • Default configuration in Windows Server 2003 displays hidden files as semi-transparent icons unless in conjunction with system attribute • Hidden attribute can be configured from General tab of Properties Guide to MCSE 70-290, Enhanced

  9. Hidden (continued) • Visibility can be configured from View tab of Folder Options from Tools in Windows Explorer • Show hidden file and folders • Hidden files and folders appear in Windows Explorer as semi-transparent icons • Do not show hidden files and folders • Files with set hidden attributes do not appear in Windows Explorer • Hide protected operating system files • All files with both hidden and system attributes set are hidden in Windows Explorer when set Guide to MCSE 70-290, Enhanced

  10. Hidden (continued) Guide to MCSE 70-290, Enhanced

  11. Activity 7-1: Viewing and Configuring File and Folder Attributes Using Windows Explorer • Objective: Use Windows Explorer to view and configure file and folder attributes • Use Windows Explorer to view sets of files and folders that are visible by default • Reconfigure View settings • Observe results of configurations Guide to MCSE 70-290, Enhanced

  12. The ATTRIB Command • A command-line utility used to view, add or remove the four attributes of files and folders • Only way to configure system attribute • Supports wildcards (*) allowing multiple files or folders to be changed simultaneously • Syntax • View: attrib filename • Set: attrib +attributefilename • Remove: attrib –attributefilename Guide to MCSE 70-290, Enhanced

  13. Activity 7-2: Changing File Attributes Using the ATTRIB Command • Objective: View and change file attributes from the command line • Create a new folder and files • Observe attributes • Change attributes using ATTRIB • Observe changes • Hide protected files • Observe changes Guide to MCSE 70-290, Enhanced

  14. Advanced Attributes • Advanced attributes found on NTFS partitions or volumes • Archive and Index attributes • File is ready for archiving • Indexing service • Compress or Encrypt • Compress contents to save disk space • Encrypt contents to secure data Guide to MCSE 70-290, Enhanced

  15. Advanced Attributes (continued) Guide to MCSE 70-290, Enhanced

  16. File Compression • Reduces amount of disk space needed for files and folders • Automatically uncompressed when the resource is accessed • Compressed resources displayed in different color in Windows Explorer (blue by default) • Moving and copying resources can affect compression Guide to MCSE 70-290, Enhanced

  17. Activity 7-3: Configuring Folder Compression Settings • Objective: Configure a folder to compress its contents • Create a folder, copy a file into it • Set the compression attribute on the folder to compress itself and its contents • Note the appearance of the folder and verify compression of contents Guide to MCSE 70-290, Enhanced

  18. Activity 7-3: (continued) Guide to MCSE 70-290, Enhanced

  19. COMPACT • Used with NTFS file system only • Command-line utility for configuring the compression attribute • Syntax • COMPACT(to view) • COMPACT switchesresourcename (to set attributes) • Switches • /c (to compress resources) • /u (to uncompress resources) Guide to MCSE 70-290, Enhanced

  20. File Encryption • Encrypting File System (EFS) uses public key cryptography to encrypt files and folders • Only on NTFS file systems • Transparent to user • Implemented using 2 main types of keys • File encryption key (FEK) • Session key added to header of encrypted data (data decryption field) • Public key encrypts DDF Guide to MCSE 70-290, Enhanced

  21. File Encryption (continued) • Main challenge for public key cryptography is when users leave organization • Can rename user account • Can use data recovery agent • FEK also stored in data recovery field (DRF) • Encrypted using data recovery agent’s public key • Default is administrator, additional recovery agents can be designated • Moving or copying files can affect encryption • Encrypted files cannot be compressed, vice versa Guide to MCSE 70-290, Enhanced

  22. Activity 7-4: Encrypting Files Using Windows Explorer • Objective: Implement and test file encryption security using EFS • Configure encryption on a folder and create a file in the folder • Try to open the folder and file from another user account and observe results • Try to open the folder and file from a domain administrator account and observe results Guide to MCSE 70-290, Enhanced

  23. Sharing Encrypted Files • In Windows 2000, only user and data recovery agent could access an encrypted file • In Windows Server 2003, Advanced Attributes allows sharing with other specific named users • Issues: • Only for files, not folders • Can only share with users, not groups • Users must have a certificate on computer • Users must have appropriate NTFS permissions Guide to MCSE 70-290, Enhanced

  24. Sharing Encrypted Files (continued) Guide to MCSE 70-290, Enhanced

  25. The CIPHER Command • Command-line utility for file and folder encryption • Used by administrator • NTFS partitions and volumes only • Syntax • CIPHER(to view) • CIPHER switchesresourcename (to set attributes) Guide to MCSE 70-290, Enhanced

  26. The CIPHER Command (continued) Guide to MCSE 70-290, Enhanced

  27. The CIPHER Command (continued) • Switches • /e (to encrypt a folder) • /d (to decrypt a folder) • /a (to apply other switches to a file rather than a folder) • Cannot encrypt files which have their read-only attribute set • Can use the wildcard character (*) Guide to MCSE 70-290, Enhanced

  28. Activity 7-5: Encrypting Files Using the CIPHER Utility • Objective: To encrypt and decrypt files using CIPHER • Create a new folder and files • Encrypt a single file and observe the results • Encrypt files using the wildcard character and observe results Guide to MCSE 70-290, Enhanced

  29. Disk Quotas • Disk quotas used to monitor and control user disk space • Advantages • Prevents users from consuming all disk space • Encourages users to delete old files • Allows monitoring for planning purposes • Allows monitoring of individual users • Disabled by default • Implemented only on NTFS volumes • Configured from Properties of a volume Guide to MCSE 70-290, Enhanced

  30. Disk Quotas (continued) Guide to MCSE 70-290, Enhanced

  31. Disk Quotas (continued) Guide to MCSE 70-290, Enhanced

  32. Disk Quotas (continued) Guide to MCSE 70-290, Enhanced

  33. Activity 7-6: Configuring and Managing Disk Quotas • Objective: Enable and manage disk quota settings • Enable quota management • Configure “soft” disk quota settings • Observe results • Set up a warning situation and observe results Guide to MCSE 70-290, Enhanced

  34. Managing Disk Quotas from the Command Line • FSUTIL QUOTA command-line utility can be used to manage disk quotas • Can enable/disable, modify, display, track, report • Example (to enable disk quotas on drive E) • fsutil quota enforce e: • Events written to System log (displayed in Event Viewer) every hour by default • fsutil behavior command can change the interval • Help available for fsutil quota and fsutil behavior commands in Help and Support Center Guide to MCSE 70-290, Enhanced

  35. Managing Disk Quotas from the Command Line (continued) Guide to MCSE 70-290, Enhanced

  36. Distributed File System • Makes it appear that multiple shared-file resources are stored in a single hierarchical structure • Users do not have to know which server a shared folder resides on • Configured using the Distributed File System console in Administrative Tools menu • Tree structure (root and DFS links) Guide to MCSE 70-290, Enhanced

  37. Distributed File System (continued) Guide to MCSE 70-290, Enhanced

  38. DFS Models • Two models: • Standalone DFS model (more limited capabilities) • Domain-based DFS model Guide to MCSE 70-290, Enhanced

  39. DFS Models (continued) • Hierarchical structure is called DFS topology or logical structure, three elements to structure • The DFS root • Main container on host server • The DFS links • Pointers to physical location of shared folders • Servers on which the DFS shared folders are replicated as replica sets • Replica set is set of shared folders that is replicated across multiple servers Guide to MCSE 70-290, Enhanced

  40. Activity 7-7: Implementing Domain-Based DFS and Creating Links • Objective: to create a new domain-based DFS root and add DFS links • Use New Root Wizard from Distributed File System utility to set up a root • Add links to other folders • Verify DFS structure Guide to MCSE 70-290, Enhanced

  41. Managing DFS • Tasks involved in managing DFS system • Deleting a DFS root • Removing a DFS link • Adding root and link replica sets • Checking the status of a root or link • Replication capability provides fault tolerance and load balancing • DFS replication options and topologies managed from Configure Replication wizard Guide to MCSE 70-290, Enhanced

  42. Managing DFS (continued) • DFS element status is indicated with colored icons Guide to MCSE 70-290, Enhanced

  43. Summary • File and folder attributes are: • Read-only (can a resource be modified or deleted) • Archive (has a resource recently been changed) • System (does resource have specific display requirements, especially in conjunction with Hidden) • Hidden (should the resource appear normally in Windows Explorer) • File and folder attributes can be set through graphical tools or the ATTRIB command-line utility Guide to MCSE 70-290, Enhanced

  44. Summary (continued) • Advanced attributes on NTFS partitions or volumes include: • Archiving (specifies whether to back up file) • Indexing (makes resource searchable) • Compression (saves disk space) • Encryption (makes resources accessible only to those holding keys) • Command-line utilities for advanced attributes include: • COMPACT • CIPHER Guide to MCSE 70-290, Enhanced

  45. Summary (continued) • Disk quotas allow management of disk space usage by individual users • Managed from the Properties of a volume or using the FSUTIL command-line utility • Distributed File System allows management of shared-file resources • Appear as a single hierarchical structure • Can be physically located on different servers • 2 DFS models: standalone and domain-based Guide to MCSE 70-290, Enhanced

More Related