Microsoft Windows server 2003

Environment (Chapter-3)

File System
A file system is the method used by an OS to
manage the data on a drive.
There are basically two different types of file
systems currently available for use with
Windows Operating Systems.
These are FAT (File Allocation Table) and NTFS
(New Technology File System).
FAT comes in several flavors, including FAT16,
VFAT, and FAT32 .
For FAT, hard drive size is less than 32GB
NTFS File System
Microsoft created the new technology file
system (NTFS) to compensate for the features it
felt FAT lacked.
These features include fault tolerance,
enhanced security, file compression, disk quotas
and so on.
NTFS is the newer, more stable and more secure
file system.
Converting to NTFS dos command
Convert drive: /FS:NTFS

File Permission
Permission define the type of access that is
granted to a user, group, or computer for an
object.
There are two level of permissions.
Shared folder permissions allow security
principals remote access to shared resources
across the network.
Share folder permissions are only in effect when
a resource is accessed from the network.
File Permission
NTFS permission, on the other hand, are always
in effect, whether connecting across the
network or logged on to the local machine
where the resource is located.
NTFS Permissions are built in to the NTFS file
system and cannot be disabled on an NTFS
volume.
The following permissions are common
permissions:
Read permissions
Write permissions
Delete permissions
Shared Folders
When share a folder, the folder is made
accessible to multiple users simultaneously over
the network.
After a folder is shared, users can access all of
the files and subfolders in the shared folder if
they are granted permission.
Shared folders show an icon of a hand holding
the folder.
Share only folders, not individual files.
Default permission on shared folders is Everyone
Read.
Shared Folders
When users or groups are granted permissions to
a shared folder, the default permission is Read.
To hide a shared folder, include a $ after the
name of the shared folder.
When you copy a shared folder, the original
shared folder is still shared, but the copy is not
shared.
Users access hidden shares by typing the UNC
(Universal Naming Convention) path.
E.g. \\server01\admin$
Administrative Shared Folders
Administrative Shared Folders
Windows Server 2003 automatically shares
folders that enables to perform administrative
tasks.
By default, members of the administrators
group have the full control permission for
administrative shared folders.
Purpose of default administrative shared folders
C$,D$ : Use these shared folders to remotely
connect to a computer and perform
administrative tasks.
Administrative Shared Folders
Admin$ : This is the systemroot folder, which is
C:\Windows by default. Administrators can
access this shared folder to administer windows.
Print$ : This folder provides access to printer
driver files for client computers.
IPC$ : This interprocess communications share is
used during remote administration of a
computer and when viewing a computer shared
resources.

Shared Folder Permissions
Permission Description
Read
(Default, applied
to the Everyone
group)
Allows you to view data in files and attributes
Allows you to view file names and subfolder
names
Allows you to run program files
Change
(Includes all Read
permissions)
Allows you to add files and subfolders
Allows you to change data in files
Allows you to delete subfolders and files
Full Control
(Includes all Read
and Change
permissions)
Allows you to change NTFS file and folder
permissions
NTFS
NTFS is a file system that provides:
Reliability
Security at the file level and folder level
Improved management of storage growth
Multiple user permissions
Reliability : NTFS uses log file and checkpoint
information to restore the integrity of the file
system when the computer is restarted.
Greater Security : NTFS files use the Encrypting
File System (EFS) to secure files and folders.
NTFS
Improved management of storage growth : NTFS
supports disk quotas, which enable to specify
the amount of disk space that is available to a
user. NTFS manages disk space efficiently by
using smaller cluster sizes.
Multiple user permission : NTFS combines
multiple permissions to produce the users
effective permissions.
NTFS File and Folder Permissions
File permissions Folder permissions
Full Control
Modify
Read & Execute
Write
Read
List Folder Contents
Full Control
Modify
Read & Execute
Write
Read
Effects on NTFS Permissions When Copying
and Moving Files and Folders
When you copy files and folders, they inherit the
permissions of the destination folder
When you move files and folders within the same
partition, they retain their permissions
When you move files and folders to a different
partition, they inherit the permissions of the
destination folder
NTFS Partition
C:\
NTFS Partition
E:\
NTFS Partition
D:\
Move
Copy
or
Move
Copy
File Compression
Compressing files, folders and programs
decreases their size and reduces the amount of
space they use on drives or removable storage
devices.
Windows supports two types of compression:
NTFS file compression and compressed (zipped)
folders.
NTFS files compression
Files and folders on an NTFS volume are either
compressed or uncompressed.
File Compression
Compression is configured as an attribute of a file
or folder.
New files created in a compressed folder are
compressed by default.
Compressed (zipped) folders
Files and folders that are compressed using the
compressed (zipped) folders feature can be
compressed on FAT, FAT32, NTFS drives.
Compressing folders by using Compressed (zipped)
folders does not affect the overall performance of
the computer.
The effects of Moving and Copying
Compressed Files and Folders
Copy within an NTFS partition
File or folder inherits the compression state of the
target folder
Move within an NTFS partition
File or folder retains its original compression state
Copy between NTFS partitions
File or folder inherits the compression state of the
target folder
Move between NTFS partitions
File or folder inherits the compression state of the
target folder
EFS Encryption
EFS provides encryption for files created on
NTFS volumes.
Encryption and decryption are the primary tasks
of EFS.
Several encryption and decryption options are
available to users.
Folders that are marked for encryption are not
actually encrypted.
Only the files in the folder are encrypted.
The effects of Moving and Copying
Encrypted Files or Folders
Effect of moving encrypted files
Moving file from an unencrypted folder to an
encrypted folder, the file remains encrypted.
Effect of copying encrypted files
Copying an unencrypted file to an encrypted folder,
the copied file is encrypted.
Disk Quota
Track and control user NTFS volume space.
Restrict storage to quota.
Trigger log events.
Quotas can enable on local volumes, network
volumes and removable drives if they are
formatted by using NTFS.
Enabling disk quotas requires a minimal amount
of CPU overhead and no administration after the
initial configuration.
Shadow Copies
A shadow copy is a feature of the windows
server 2003 family that provides point-in-time,
read-only copies of files on network shares.
Use shadow copies to:
Recover files
Review previous versions
Shadow copies are:
Enabled per volume
Not a replacement for regular backup
Allocated storage limits versions
Characteristics of shadow copies
Shadow copies may not be able to recover
corrupted files and cannot recover files if a
volume fails.
Shadow copies are read-only.
Shadow copies are enabled on a per-volume
basis.
After shadow copies are enabled on a volume,
shadow copies are enabled for all shared folders
on that volume.
Shadow copies track changes to files, they do
not make copies of files.
Internet Connection Sharing (ICS)
ICS is the name given by Microsoft to a feature
of its windows operating system (as of Windows
98 Second Edition and later) for sharing a single
internet connection on one computer between
other computers on the same local area
network.
It makes use of DHCP and Network address
translation (NAT).
ICS routes TCP/IP packets from a small LAN to
the Internet.