dfs very imp 2

8/13/2019 Dfs Very Imp 2

1/45

70-290: MCSE Guide to Managing

a Microsoft Windows Server 2003

Environment

Chapter 7:Advanced File System

Management


2/45

Management

70-290: MCSE Guide to Managing a MicrosoftWindows Server 2003 Environment

2

Objectives

Understand and configure file and folder attributes

Understand and configure advanced file and folder

attributes

Implement and manage disk quotas

Understand and implement the Distributed File

System


3/45


3

File and Folder Attributes

Used since MS-DOS operating system

Attributes describe files, folders, and theircharacteristics

Applicable utilities include graphical tools and theATTRIB command

Four standard file and folder attributes

Read-only

Archive System

hidden


4/45


4

Read-only

Designates that the contents of a file cannot bechanged and file cannot be deleted

Available in all file systems (FAT, FAT32, NTFS

partitions and volumes) FAT, FAT32 attributes can be changed by any user NTFS attribute can only be changed by a user with

appropriate permissions

Can be configured for a file or folder For folders, attribute pertains to the files it contains, notthe folder itself


5/45


5

Read-only (continued)


6/45


6

Archive

Marks which files and folders have been recentlychanged or created

Recently modified files are marked as ready for

archiving Important for backup

Backup methods update the status of the archiveattribute

Viewing the attribute is done using WindowsExplorer or command-line utilities (e.g., DIR,ATTRIB)


7/45


7

System

Originally designed to identify O.S. in MS-DOS

In Windows Server 2003

Used in conjunction with hidden attribute

When system and hidden both true, file or folder is

super hidden (not displayed in Windows Explorer

interface)

Treated as protected operating system files with

specific alternate display options

Can only be manipulated using ATTRIB command


8/45


8

Hidden

Used to make files and folders less visible to users

from Windows Explorer and command-line

Default configuration in Windows Server 2003displays hidden files as semi-transparent icons

unless in conjunction with system attribute

Hidden attribute can be configured from General

tab of Properties


9/45


9

Hidden (continued)

Visibility can be configured from View tab ofFolder Options from Tools in Windows Explorer

Show hidden file and folders

Hidden files and folders appear in Windows

Explorer as semi-transparent icons

Do not show hidden files and folders

Files with set hidden attributes do not appear in

Windows Explorer

Hide protected operating system files

All files with both hidden and system attributes set

are hidden in Windows Explorer when set


10/45


10

Hidden (continued)


11/45


11

Activity 7-1: Viewing and

Configuring File and Folder

Attributes Using Windows Explorer

Objective: Use Windows Explorer to view and

configure file and folder attributes Use Windows Explorer to view sets of files and

folders that are visible by default

Reconfigure View settings

Observe results of configurations


12/45


12

The ATTRIB Command

A command-line utility used to view, add orremove the four attributes of files and folders

Only way to configure system attribute Supports wildcards (*) allowing multiple files or

folders to be changed simultaneously

Syntax

View: attribfilename

Set: attrib +attributefilename

Remove: attribattributefilename


13/45


13

Activity 7-2: Changing File

Attributes Using the ATTRIB

Command Objective: View and change file attributes from

the command line

Create a new folder and files

Observe attributes

Change attributes using ATTRIB

Observe changes

Hide protected files

Observe changes


14/45


14

Advanced Attributes

Advanced attributes found on NTFS partitions or

volumes

Archive and Index attributes File is ready for archiving

Indexing service

Compress or Encrypt

Compress contents to save disk space

Encrypt contents to secure data


15/45


15

Advanced Attributes

(continued)


16/45


16

File Compression

Reduces amount of disk space needed for files and

folders

Automatically uncompressed when the resource isaccessed

Compressed resources displayed in different color

in Windows Explorer (blue by default)

Moving and copying resources can affect

compression


17/45


17

Activity 7-3: Configuring

Folder Compression Settings

Objective: Configure a folder to compress its

contents Create a folder, copy a file into it

Set the compression attribute on the folder to

compress itself and its contents

Note the appearance of the folder and verify

compression of contents


18/45


18

Activity 7-3: (continued)


19/45


19

COMPACT

Used with NTFS file system only

Command-line utility for configuring the

compression attribute Syntax

COMPACT (to view)

COMPACTswitchesresourcename (to set attributes)

Switches /c (to compress resources)

/u (to uncompress resources)


20/45


20

File Encryption

Encrypting File System (EFS) uses public key

cryptography to encrypt files and folders

Only on NTFS file systems

Transparent to user

Implemented using 2 main types of keys

File encryption key (FEK)

Session key added to header of encrypted data (datadecryption field)

Public key encrypts DDF


21/45


21

File Encryption (continued)

Main challenge for public key cryptography iswhen users leave organization

Can rename user account

Can use data recovery agent FEK also stored in data recovery field (DRF) Encrypted using data recovery agents public key

Default is administrator, additional recovery agents canbe designated

Moving or copying files can affect encryption

Encrypted files cannot be compressed, vice versa


22/45


22

Activity 7-4: Encrypting Files

Using Windows Explorer

Objective: Implement and test file encryption

security using EFS

Configure encryption on a folder and create a file

in the folder

Try to open the folder and file from another user

account and observe results Try to open the folder and file from a domain

administrator account and observe results


23/45


23

Sharing Encrypted Files

In Windows 2000, only user and data recovery

agent could access an encrypted file

In Windows Server 2003, Advanced Attributes

allows sharing with other specific named users

Issues:

Only for files, not folders

Can only share with users, not groups Users must have a certificate on computer

Users must have appropriate NTFS permissions


24/45


24

Sharing Encrypted Files

(continued)


25/45


25

The CIPHER Command

Command-line utility for file and folder

encryption

Used by administrator NTFS partitions and volumes only

Syntax

CIPHER (to view)

CIPHERswitchesresourcename (to set attributes)


26/45


26

The CIPHER Command

(continued)


27/45


27

The CIPHER Command

(continued) Switches

/e (to encrypt a folder)

/d (to decrypt a folder) /a (to apply other switches to a file rather than a folder)

Cannot encrypt files which have their read-only

attribute set

Can use the wildcard character (*)


28/45


28

Activity 7-5: Encrypting Files

Using the CIPHER Utility

Objective: To encrypt and decrypt files using

CIPHER

Create a new folder and files

Encrypt a single file and observe the results

Encrypt files using the wildcard character and

observe results


29/45

70-290: MCSE Guide to Managing a MicrosoftWindows Server 2003 Environment 29

Disk Quotas

Disk quotas used to monitor and control user diskspace

Advantages

Prevents users from consuming all disk space

Encourages users to delete old files

Allows monitoring for planning purposes

Allows monitoring of individual users

Disabled by default Implemented only on NTFS volumes

Configured from Properties of a volume


30/45


Disk Quotas (continued)


31/45




32/45




33/45


Activity 7-6: Configuring and

Managing Disk Quotas

Objective: Enable and manage disk quota settings

Enable quota management

Configure soft disk quota settings

Observe results

Set up a warning situation and observe results


34/45


Managing Disk Quotas from

the Command Line

FSUTIL QUOTA command-line utility can beused to manage disk quotas

Can enable/disable, modify, display, track, report

Example (to enable disk quotas on drive E)

fsutil quota enforce e:

Events written to System log (displayed in EventViewer) every hour by default

fsutil behavior command can change the interval

Help available for fsutil quota and fsutil behaviorcommands in Help and Support Center


35/45


Managing Disk Quotas from

the Command Line (continued)


36/45


Distributed File System

Makes it appear that multiple shared-file resources

are stored in a single hierarchical structure

Users do not have to know which server a shared

folder resides on Configured using the Distributed File System

console in Administrative Tools menu

Tree structure (root and DFS links)


37/45


Distributed File System (continued)


38/45


DFS Models

Two models:

Standalone DFS model (more limited capabilities)

Domain-based DFS model


39/45


DFS Models (continued)

Hierarchical structure is called DFS topology or

logical structure, three elements to structure

The DFS root

Main container on host server The DFS links

Pointers to physical location of shared folders

Servers on which the DFS shared folders are replicated

as replica sets Replica set is set of shared folders that is replicated

across multiple servers

A i i 7 7 I l i


40/45


Activity 7-7: Implementing

Domain-Based DFS and

Creating Links

Objective: to create a new domain-based DFS root

and add DFS links Use New Root Wizard from Distributed File

System utility to set up a root

Add links to other folders

Verify DFS structure


41/45


Managing DFS

Tasks involved in managing DFS system

Deleting a DFS root

Removing a DFS link

Adding root and link replica sets Checking the status of a root or link

Replication capability provides fault tolerance and

load balancing

DFS replication options and topologies managed

from Configure Replication wizard


42/45


Managing DFS (continued)

DFS element status is indicated with colored icons


43/45


Summary

File and folder attributes are:

Read-only (can a resource be modified or deleted)

Archive (has a resource recently been changed)

System (does resource have specific display

requirements, especially in conjunction with Hidden) Hidden (should the resource appear normally in

Windows Explorer)

File and folder attributes can be set through

graphical tools or the ATTRIB command-lineutility


44/45

70-290: MCSE Guide to Managing a Microsoft

Windows Server 2003 Environment

44

Summary (continued)

Advanced attributes on NTFS partitions orvolumes include:

Archiving (specifies whether to back up file)

Indexing (makes resource searchable)

Compression (saves disk space)

Encryption (makes resources accessible only to thoseholding keys)

Command-line utilities for advanced attributes

include: COMPACT

CIPHER


45/45

70-290: MCSE Guide to Managing a Microsoft 45

Summary (continued)

Disk quotas allow management of disk space

usage by individual users

Managed from the Properties of a volume or using the

FSUTIL command-line utility

Distributed File System allows management of

shared-file resources

Appear as a single hierarchical structure

Can be physically located on different servers

2 DFS models: standalone and domain-based

dfs very imp 2

Documents