Chapter : 6

Data Access Protection and

Management

6.0 Objectives
6.1 Windows 10 Shared Folder Structure
6.2 Understanding HomeGroup
6.3 Goals 0f Windows 10 Disk Quota
6.4 Summary
6.5 Check Your Progress Answers
6.6 Questions for Self Study

6.0 Objectives
At the end of the module, you will be able to :
Describe and Configure Shared Folder Permissions.
Configure Homegroups, Libraries and Printers.
Configure NTFS Auditing .
Configure Disk Quotas.

6.1 Windows 10 Shared Folder Structure

Windows Explorer was present since earlier versions of
Windows like Windows 7, Now Windows Explorer is replaced by
File Explorer in Windows 10.
File Explorer provides an improved, light-weight GUI
(Graphical User Interface) to access Windows file system. The
shortcut to access File Explorer in Windows 10 is by pressing
the key combination of Windows Key and letter "E” from your
Keyboard.

Data Access Protection and Management / 97

 6.1.1 File Explorer Ribbon
The Ribbon in File Explorer can be used for following set of
actions:
For sharing and Advanced Security option
The Files and Folders can be zipped, burned to disk, you can
also Fax, Print and Email the files and folders.
File Explorer can be used to manage an App from Windows
Store.
File explorer performs the drive level options like, BitLocker,
Optimize, Cleanup and Format.

6.1.2 Understanding types of Sharing

The hierarchical classification for Sharing Types are:
User Types for Sharing is also known as the Basic User Level
Sharing. It is further classified as:
Local User : It is the user account stored on the Local
Windows 10 Machine.
Domain User : It is the user account stored in centralized
Domain Server. Domain Users have access to network folders
across the domain or forest.
Microsoft Account : It is an online user account in
Outlook.com or Live.com. It is used to access network and cloud
content locations.

The Second Type of Sharing option is Group Type for

Sharing. It is also known as Sharing based on Groups.
Local Groups : It is groups residing in Local Windows 10
client computers, to access client located shares.
Domain Based Groups : These groups reside on Domain
Server. It is used to access shares located on Domain.
System Groups like, Everyone, Authenticated Users are the
default options that you will see while you are assigning sharing
permissions.

98 / Operating System 1
 Custom Groups : It is the best idea implemented by an
Administrator to ensure secure and restricted access to the
shared folders. Custom Groups can be combination of Users and
Groups.

6.1.3 Command line Sharing Tool

Command Line Sharing Tool is further classified in 2 types:
First type is sharing through command prompt with "Net”
command.
The second type can be use of Powershell.

6.1.4 Powershell commands for Sharing

The second type of Command line sharing can be done by
using Powershell.
Windows 10 Powershell is the most important tool in
configuration and management of the Windows 10 features and
services.
Powershell used WMI (Windows Management
Instrumentation) or SMB (Server Message Blocks). SMB uses
CIFS (Common Internet File System). CIFS is a Microsoft based
protocol used to share the files and folders.
The image illustrates the PowerShell cmdlet to create a New
Share (by using the command "New- SMBshare”) and list the
available Local shares (by using the command "Get-SMBshare”).

6.2 Understanding HomeGroup

Workgroup and HomeGroup both terms are used to define a
group of computers, set to share the resources.
Workgroup Option is available to all the versions of Windows.
It is limited to maximum group of 20 computers. Workgroup
cannot be password protected.
Workgroup works in both IPv4 and IPv6. It requires the same
workgroup name.

Data Access Protection and Management / 99

 Workgroup requires sharing and security permissions to be
set.
To use a Workgroup computer, you need to have a user
account on that computer.

HomeGroup is a Home PC Network available from Windows

7 onwards.
W Home group is not limited by maximum computers.
Can Password Protect a HomeGroup.
The objective of Home group is to share Documents,
Pictures, music, videos and Printers.

6.2.1 HomeGroup Requirements

Requirement for HomeGroup computers are:
Devices participating in Network Type must be Private
IP version 6 must be enabled in all the devices.
The supported Operating systems are windows 7, 8, 8.1 and
Windows 10.
A Domain joined computer can join a HomeGroup (provided
the network type is Private) but these types of computers
cannot create a HomeGroup.
The image shows the control panel option to create a
HomeGroup.

6.2.2 Firewall and Services settings for HomeGroup

Firewall settings for a HomeGroup
The network type must be "Private”.
File and Printer sharing option must be enabled.
Network Discovery option must be enabled.
TCP port number 3587 and UDP port number 3540 must be
allowed.
Services Settings to be configured and verified for
HomeGroup are :

100 / Operating System 1

 HomeGroup Listener or Provider must be enabled and
running.
Peer Networking Identity manager and Grouping must be
enabled running.
PNRP (Peer Name Resolution Protocol) Machine Name
Publication must be enabled and running.

6.2.3 Understanding Windows 10 Library Architecture

Windows 10 Libraries are containers that organize file
contents.
The contents stored in Windows 10 Library can be local or
remote.
Each library shows a view of folders stored in different
locations. In general, the library shows the consolidated content
from data stored at various local or remote locations.
It should be noted that Maximum 50 folders can be
accommodated per Library.

6.2.4 Windows 10 Library Management

Windows 10 Library Management process consists of
following steps :
First Step is to create a New Library in Windows 10 PC.
The second step is to add folders to the Library. It can be
noted that the necessary folders can be from your local
Windows 10 PC or it can be from remote locations.
To have seamless experience, you can sync Windows 10
Library with OneDrive online storage.
Step 1 is selecting the folders, Right Click on the Folder,
Select the option “Include in Library”
Number marked 3 indicates that you can create a new library,
and include the selected folder inside the Library.

Data Access Protection and Management / 101

 6.2.5 Windows 10 Printer Settings > Windows 10 Printer
Settings are characterized by Printer Properties like:
Printing Preferences : When you set personal printing
preferences using Printer and Faxes options, the default
settings are changed for all documents you print to that
printer. These preferences include page orientation, and
number of copies printed.
Printer sharing : It is the process of allowing multiple
computers and devices connected to same network to access
one or many printers.
Printer Scheduling and Availability : It is about assigning
the availability of printer during business hours. Every print
job on the print server is controlled by print spooler to manage
the print jobs with scheduled priority.
Increasing the physical security of your printer and
implementing restrictive access can help prevent document
theft or snooping.
Device Settings : You can change the Printer’s device
settings by right-clicking Properties of the specified printer.
Various options determined by device drivers are, Paper
Trays and Installable options etc.

6.2.6 Powershell commands for Printers

The Powershell Commands for Printer Administration are the
important commands used for
Administration are explained as follows:
The Add-Printer cmdlet adds a printer to a specified
computer. It can add both local printers and connections to
network-based printers. This command also adds custom
printer drivers to Windows 10 PC.
The Add-Printer Port cmdlet creates a printer port on the
specified computer. This command helps to create a local
printer port using TCP, and ports.
Add-Printer-name-drivername-port is the command used to

102 / Operating System 1

 create a new printer with the additional drivers and ports in
the Windows 10 machine.
Add-Printer-connection name is the command used to create
a new connection in the Windows 10 machine, also note that
this printer connection can be shared to make this printer
available to users on network.
Get-Printer command to retrieve the properties of a single
printer.
Get-PrinterDriver cmdlet is used to retrieve the driver
information for a specific printer installed in a Windows 10
machine.
The Get-PrinterPort cmdlet retrieves a list of printer ports that
are installed on the specified computer.
The Get-WindowsDriver cmdlet displays information about
driver packages in the online or offline Windows image.
The Get-PrintConfiguration cmdlet gets the configuration
information about the specified printer.

6.2.7 Printing from Edge Browser

Print Option on Windows 10 - Edge Browser can be accessed
by pressing the combination of
Control Key + P from your keyboard.
The options available for printing are:
Copies : Choose how many full copies of the printing job you
want to be printed.
Pages : Choose from all pages, the current page shown in
the preview, or page range.
Scale : Change how large you'd like text and images to
appear.
Margins : Set how wide or narrow you'd like the margins to
be on printed pages.
Headers and footers : Toggle on and off. When on, the
article's title, the website, and the page number will be
displayed at the top of the page, while the URL and date will

Data Access Protection and Management / 103

 be displayed at the bottom of the page.

6.3 Goals of Windows 10 Disk Quota

Disk Quota is used to restrict the disk usage for a specific
user or group of users.
Disk Quota is implemented on Server Disks like, SCSI. Since
these disks are expensive and user should not be allowed to
store his personal, non-productive data on these expensive
disks. This forms the scenario for application of Disk Quota.
Objectives of Windows 10 Disk Quota are:
Control data usage: It is ability to restrict users to available
disk space example assign 1GB disk space to each user.
Avoid lengthy backups: Prevents the saving of backup files
inside the quota enabled disks.
Discourage personal use: It is ability to prevent users to save
personal images, audio, video etc. The user is allowed to
save only documents.
Plan for capacity upgrades: It is for the future requirements
of disks.
Facilitate migration of data to SSDs: It should be noted that,
ReFS (Resilient File System) does not support Quota
Management.

6.3.1 Categories of Windows Quota

There are 2 types of Quota Management.
First category is Basic NTFS Quota Management. Its features
are:
I t can be implemented in domain or non-domain-based
environments.
NTFS quota can be configured manually or by using GPO.
It can be implemented on volume (disk size) basis or per user
basis.
The second category of Windows Quota is FSRM quota:

104 / Operating System 1

 FSRM is File Services Resource Manager. It is a feature
available in Windows Server, since Server 2008 operating
systems.
FSRM is set on a Network based File server. Any user
accessing this server is bound to obey the Quota policies
implemented on this server. It is set on Per Folder or Volume
Basis.
Default NTFS Quota Settings
By Default, NTFS has a Quota feature setting. The quota
feature is present on the Disk Properties.
Some Features of NTFS Disk Quota are as follows:
A local administrator can set quota limit for the local users
available on the Windows 10 PC.
It should be noted that, Quota limit is not applicable on the
local “Administrator” of the PC.
Individual Quota limits can be adjusted (the limit can be
increased or decreased).
NTFS Disk Quota can be implemented on Per-Volume or
Per-User basis. This decision is to be made by the local PC
administrator.
Command line Quota Management
NTFS Quota can be managed by using FSUTIL command
line utility.
FSUTIL is File-Services Command-line Utility.
Following Operations can be performed by using FSUTIL
command :
Query: Used to retrieve the status of the Disk and file
properties.
Disable: Is used to remove FSUTIL conditions.
Modify: Is used to change (add or remove) FSUTIL
conditions.
Track and violations: Can be used in a single command to
find, if any user has reached limits or tried to violate the disk
quota limits.

Data Access Protection and Management / 105

 Enforce commands: Is used to apply the FSUTIL changes on
the corresponding volume or user.

6.1,6.2 ,6.3 Check Your Progress

1) NTFS Quota can be managed by using .................
command line utility.
2) ................. is File-Services Command-line Utility.
3) Quota limit is not applicable on the local .................... of the
PC.

6.4 Summary
File Explorer (GUI based access to Windows file system) has
replaced Windows Explorer
Sharing options are:
Local Users, Domain users, Microsoft Accounts
Local Groups, Domain Groups, System Group, Custom
Group.
Command line tool for sharing is "Net command” and
Powershell.
Workgroup and HomeGroup are terms used for a group of
computers, set to share the resources.
Home group is used to share Documents, Pictures, music,
videos and Printers.
Libraries are containers that organize file content in Windows
10 machine.
Library Content can be local or remote, maximum folders or
drives per Library is 50.
Annotated web pages can be printed through Edge Browser.
Restricted Printing is desired feature in organization.
Auditing is recording events for Security and Compliance
requirements.
Audit logs are created for success or failure or both the
events.

106 / Operating System 1

 Auditing categories are :
Administrative tracking, Object access, Policy Change,
Account Logon.
Disk Quota Management encourages proper usage of Disk
space.
Disk Quota is not supported by ReFS.

6.5 Check Your Progress Answers

1) FSUTIL
2) FSUTIL
3) “Administrator”

6.6 Questions for Self Study

1) What are the different sharing options available in Windows
10?
2) What are the differences between Workgroup and
HomeGroup?
3) What are the advantages of Windows 10 Libraries?
4) Why do we use restricted printing in Windows 10?
5) What is auditing and how to read audit logs?
6) Explain the various auditing categories in Windows 10?
7) Explain Disk Quota management in Windows 10?

Data Access Protection and Management / 107

 Notes
____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

108 / Operating System 1