1 / 50

Chapter 10 : Files, Folders, and Shares

Chapter 10 : Files, Folders, and Shares. BAI617. Chapter Topics. File Service Role Share & NTFS Permissions Quotas. The File Service Role.

inari
Télécharger la présentation

Chapter 10 : Files, Folders, and Shares

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 10:Files, Folders, and Shares BAI617

  2. Chapter Topics • File Service Role • Share & NTFS Permissions • Quotas

  3. The File Service Role • One of the core functions of any server is to serve resources such as files and folders. In Windows Server 2008 R2, File Services is one of the key roles you can add. • The File Services role includes: • File Server Resource Manager (FSRM) • Services for Network File System (to support Unix clients) • Windows Search service • BranchCachefor remote offices. • Page 431 in Text

  4. The File Service Role • File Server: This is the primary role service required to support the File Services role. It is automatically added when a folder is shared. • Distributed File System (DFS) DFS includes both DFS Replication and DFS Namespaces and is covered in more depth in Chapter 11

  5. The File Service Role • File Server Resource Manager (FSRM): The FSRM provides a rich set of additional tools that can be used to manage the storage of data on the server including configuring quotas, defining file screening policies, and generating storage reports.

  6. The File Service Role • Services for Network File System (NFS):This service enables you to grant access to files from Unix / Linux client computers. • Windows Search Service: Uses indexing to perform quicker file searches. It’s intended for small file server scenarios and can impact performance on large enterprise file servers.

  7. The File Service Role • BranchCache for Network Files BranchCache can be used in a multiple-site environment to allow computers in branch offices to cache commonly downloaded files • See page 433 for the step by step guide to installing the File Service Role

  8. Creating Shares (The 2008 Way) • Start Administrative Tools  Server Manager. • Browse to the Roles File Services Share and Storage Management node, right-click Share and Storage Management, and select Provision Share.

  9. Creating Shares (The 2008 Way) • On the Shared Folder Location page, click Browse. Browse to a folder you want to share. Click Next. Insert CAP

  10. Creating Shares (The 2008 Way)

  11. Creating Shares (The 2008 Way)

  12. Creating Shares (The 2008 Way)

  13. Creating Shares (The 2008 Way) • The NTFS Permissions page gives you an opportunity to change the NTFS permissions if desired.

  14. Creating Shares (The 2008 Way)

  15. Creating Shares (The 2008 Way)

  16. Creating Shares (The 2008 Way)

  17. Creating Shares (The 2008 Way) • On the Share Protocols page, you identify the protocols used to access the share and can also give the share a different share name. SMB is the primary protocol used by Windows clients to connect. If you added NFS support for Unix clients, you could select NFS here.

  18. Creating Shares (The 2008 Way)

  19. Creating Shares (The 2008 Way)

  20. Creating Shares (The 2008 Way)

  21. Managing NTFS Permissions • NTFS permissions apply to any file or folder on a disk that has been formatted with NTFS.

  22. Managing NTFS Permissions

  23. Managing NTFS Permissions • Read: • When a user is assigned Read permission, the user is allowed to view the contents, permissions, and attributes associated with a file or folder. • Read and Execute: • The Read and Execute permission is used to grant permission for a user to execute files. Any executable files (such as .exe, .bat, and .com) are files that can be executed or launched. If a user has only Read permission, and not Read and Execute, the files can’t be executed. • List Folder Contents: • The List Folder Contents permission allows a user to view the contents of a folder. It will allow a user to see that files exist in a folder, but will not apply Read permissions to those files.

  24. Managing NTFS Permissions • Write: • If a user is assigned Write permission to a file or folder, the user can modify the file or folder. This includes adding new files or folders to a folder or making changes to existing files or folders. However, it does not include deleting files from a folder. • Modify • Modify includes all of the permissions from Read, Read & Execute, and Change, and adds the ability to delete files and folders. • Full Control • Full Control is a combination of all the available permissions. It adds the ability to change permissions and take ownership of files or folders.

  25. Share Permissions • Share permissions only apply to shares when they are accessed over the network.

  26. Share Permissions

  27. Share Permissions • Read • Users granted Read permission can read files and folders within the share. • Change • Users granted Change permission can read, execute, modify, and delete files and folders within the share. • Full Control • Users granted Full Control permission have all the permissions from Change, and can also modify permissions on the share.

  28. Cumulative Permissions • Objects can have multiple permissions assigned • Policies Folder Share Level Authenticated Users Change NTFS level Authenticated Users Read Administrators FC HR Clerks Change Contract Staff Deny: Read What Access? HR Clerks Contract Staff Authenticated Users

  29. Deny vs. Implicit Deny • Deny always take precedence over any other permissions assigned to a user or group • Implicit Deny: If permissions aren’t explicitly granted, they are implicitly denied. (they are not invited to the party)

  30. Connecting to Shares • you connect to a share using the universal naming convention (UNC) of \\ServerName\ShareName. • In our examples - \\FS1\Home

  31. Mapping a Network Drive • Why? • Users can connect every time they log in • Users do not need to the UNC for connecting • Mapped drives can be used in automated (batch) processes

  32. Mapping a Network Drive

  33. Mapping a Network Drive

  34. Mapping a Network Drive • Command line approach to mapping a Network Drive • “net use driveletter\\servername\sharename • Net use H: \\FS1\Home • Net use H: \\10.10.10.1\Home

  35. Common Shares • In Windows Server, several common shares have already been created for you. Most of these shares are hidden. If you know of these shares, you can connect to any of them using the UNC path.

  36. Common Shares • C$, D$, and so on: • All drives, including CD-ROM drives, are given a hidden share to the root of the drive. This share is what is called an administrative share. • Only the Administrators and Backup Operators groups can connect to administrative shares, and you can’t stop sharing these administrative shares without modifying the registry or by stopping the Server service (which stops all sharing).

  37. Common Shares • ADMIN$ • The ADMIN$ share is another administrative share and it maps to the location of the operating system. If you installed the operating system at D:\Windows, the ADMIN$ share would map to D:\Windows.

  38. Common Shares • PRINT$ • Whenever you create a shared printer, the system places the drivers in this share. This allows the drivers to be easily downloaded when clients connect to the shared printer. • NETLOGON • The NETLOGON share is used in conjunction with processing logon requests from users. Once users successfully log in, they are given any profile and script information that they are required to run.

  39. Common Shares • SYSVOL • The SYSVOL share is used to house Group Policy information and scripts that are accessed by clients on the network. You will always see SYSVOL shares on domain controllers, but they can be replicated to member servers.

  40. File Server Resource Manager • You may need to install

  41. File Server Resource Manager

  42. File Server Resource Manager

  43. File Server Resource Manager • Quotas: • Allow you to monitor and limit the space users can consume on a volume or folder • Ability to set warning limits, set enforcement limits, provide notification of reached limits via email or event log entries, and even execute commands in response to any limit. • Quotas can be set for any share on a server or any specific path.

  44. Quotas

  45. Quotas

  46. Quotas

  47. Quotas

  48. Review • File Service Role • Share & NTFS Permissions • Quotas

  49. Questions?

  50. Lab Environment

More Related