|
|
| 70-270
Windows XP TechNote: |
| Implementing
and Conducting Administration of Resources |
FILE SYSTEMS
Back to top
Windows XP support the following file systems:
FAT
Back to top
Disks formatted with the FAT file system can
be accessed by MS-DOS, all versions of Windows, and OS/2. The
maximum supported volume size is 4 GB, the maximum file size
is 2 GB. This file system should only be used on removable media
such as floppy disks and hard disks smaller than 512 MB.
FAT32
Back to top
The faster file system FAT32, is often used
in multi-boot situations with operating systems that do not
support NTFS. Disks formatted with the FAT32 file system are
supported by Windows 95 OSR2, Windows 98 and ME, Windows 2000,
and Windows XP. Windows NT 4 and earlier cannot access
FAT32 volumes. The maximum supported volume size for FAT32 is
2 TB, but Windows XP can format up to 32 GB only. The maximum
file size is 4 GB. The minimum size for a FAT32 volume is 512
MB. You cannot format removable media such as floppy disks with
FAT32.
NTFS
Back to top
Disks formatted with NTFS version 5 can only
be accessed by Windows NT 4.0 with Service Pack 4 or higher,
Windows 2000, and Windows XP. NTFS supports a volume size over
2 TB and the maximum file size is limited only by the available
free space. You cannot format removable media such as floppy
disks with NTFS. Besides being able to handle large disks, NTFS
is the preferred file system for Windows 2000 and XP because
of the extra features it offers, including:
- File and folder permissions - (discussed below)
- File and folder compression - (discussed below)
- Encrypted File System (EFS) - (see EFS
TechNotes)
- Disk Quotas - Allows quotas to be assigned to users for disk
space usages per volume. Quotas are only available
on NTFS volumes and can be enabled and configured on the Quota
tab on a volume's Properties sheet.
CDFS
Back to top
This is the file system used on compact discs. You cannot format
regular disks with this file system.
Converting File Systems
Back to top
You can convert FAT file systems to NTFS using
the following command: convert c: /fs:ntfs
The convert utility cannot be used to convert from NTFS to another
file system. For example if you converted a FAT32 partition
to NTFS and you want to revert it back to FAT32, you will have
to create a full backup, reformat the drive with FAT32, and
restore the backup.
FILE AND FOLDER COMPRESSION
Back to top
NTFS Compression
Back to top
NTFS Compression allows compression of individual
files and folders, as well as entire NTFS drives. The process
of compression and decompression is transparent to the user.
For example, when a user opens a document from a NTFS compressed
disk, the document is decompressed automatically, when the user
saves the document it is compressed again. This process might
decrease your computer’s performance; it's best to compress
static data and only if it really saves space, you don't want
to waste CPU cycles compressing a ZIP file for example. An NTFS-compressed
file cannot be encrypted, and an encrypted file cannot be compressed.
If you do enable compression for an encrypted file, the file
will lose it's encryption attribute before it is compressed.
You can enable compression for a volume when you format it.
To enable compression on an existing volume, right-click it
and choose Properties from the context menu, on the
General tab enable the option Compress drive to
save disk space. To compress a file or folder, right-click
it and choose Properties from the context menu, click
the Advanced button and below Compress and Encrypt
attributes enable the option Compress contents to save
disk space. When you enable compression on a folder or
volume, Windows will ask if you want to enable compression for
all the files and subfolders in the folder or volume as well.
Besides using Windows Exporer, you can also use the command
compact to compress or decompress
a file or folder.
When you copy a compressed file to a folder on the
same, or a different volume, it inherits the compression state
of the target folder. This works also vice versa; when you copy
an uncompressed file to a folder with compression enabled, the
file will inherit the the target's compression state and thus
it will be compressed.
When you move a compressed file to a folder without
compression on the same volume, the file retains its
compression attribute. When data is moved within the same volume,
the data is not actually relocated, just the pointer to it,
this is why it retains the compression attribute. When you move
a compressed file to a folder without compression on a different
NTFS volume, the file inherits the compression state of the
target folder. If the target is not compressed, or is a FAT
or floppy disk, the file will be uncompressed. A move between
volumes is actually considered a copy; after the source file
is copied to the target volume the source file is deleted.
By default, compressed files and folders are displayed in a
different color, you can change
this by choosing Folder Options in the Tools
menu of My Computer/Windows Explorer. Click on the
View tab and enable the option: Show encrypted
or compressed NTFS files in color.
Compressed (zipped) Folders
Back to top
A
new feature introduced in Windows XP is Compressed Folders.
These are ZIP files that can be used like regular folders, with
some limitations and some advantages. The main limitation is
that many programs can't be run directly from the ZIP file because
they might depend on files outside the Compressed Folder. Also
you cannot save files to a compressed folder (zip file), you
have to use drag and drop or copy and paste. Some advantages
of Compressed (zipped) Folders are that they can easily be transported
on removable media and the Internet, they can be used on FAT
partitions, and they can be protected with a password. Compressed
Folders are not available on Windows XP 64-Bit Edition.
The easiest way to create a Compressed Folder is by right-clicking
the desktop, point to New, and then select Compressed
(zipped) Folder. You can also use the File menu
in My Computer. A Compressed Folder is represented
by a Folder icon with a zipper.
NTFS FILE PERMISSIONS
Back to top
One
of the main reasons to use NTFS is the possibility to assign
permissions for individual files and folders. Each file and
folder on an NTFS volume contains an Access Control List (ACL).
This list is filled with entries for groups and individual user
accounts and their corresponding permissions. When a user tries
to access a resource, Windows XP checks the ACL if the user
is listed and what level of permission is assigned.
The following permissions can be assigned for files and folders:
| Read |
Allows user read files
and list the contents of folders, subfolders and volumes,
including the attributes, permissions and ownership of
the files. |
| Write |
Allows the same as Read
and additionally allows the user to modify and create
files and (sub-)folders as well as changing attributes. |
| Read and Execute |
Allows the same as Read
and additionally allows users to run applications. |
| Modify |
Same as Read plus Write
and and additionally allows executing applications as
well. |
| Full Control |
Allows everything permitted
by the other permissions and and additionally a user with
Full Control can change permissions and take ownership
of file. |
For folders only, the following additional
permission can be assigned:
| List Contents
|
Allows user to read files
and list the contents of folders and volumes, user with
this permissions can only see the files and folders, not
read or change them. |
To assign NTFS permissions in Windows Explorer/My
Computer, right-click a file, folder, or drive, and click Properties
and then the Security tab. If your computer is not
a member of a domain, you have to disable the option Use
simple file sharing on the View tab of Folder Options
before you can see the Security tab.
Under Group or user names: on the Security
tab, select or add a group or user, and allow or deny
one of the permissions listed in the table above. Denying permissions
is usually only done to make an exception, for example, you
could allow Modify permission for the Sales group and
deny the same permission for certain user account in
the Sales group.
Allow permissions
are cumulative. For example, John is a member of the Sales group
and the Management group. Sales has been allowed Modify permissions
for the folder Sales_reports and the files in it. Management
has been allowed Read permissions for the same folder and the
files in it. John's effective permissions in this case is Modify.
File permissions override folder permissions.
For example, if user David has been allowed Read permissions
for the folder and Full Control permissions for a file work.doc,
his effective permissions for the work.doc file is
Full Control.
In addition to the permissions listed in the tables above, you
can also assign special permissions by clicking the
Advanced button on the Security tab.
When a user creates a file or folder Windows XP automatically
assigns Full Control permissions to the creator/owner. You can
take ownership of a file by replacing the owner with
your own account or with one of the groups you are a member
of. You must have Full Control or the special permissions Take
Ownership to be able to take ownership of a file or folder.
SHARED FOLDERS & PERMISSIONS
Back to top
A shared folder (commonly referred to as a share)
is a folder or entire volume that is published on the network
and can be remotely accessed by other users. The shared folder
can be used as if it were a local folder; to store data, and
even to run applications from the share over the network. Members
of the built-in group Administrators, Server Operators and Power
Users can share folders. If the shared folder is located on
an NTFS volume, users need at least the NTFS permission Read
for the local folder to be able to access it, regardless of
the share permissions assigned to it.
A Windows XP client that is not a member of a domain uses Simple
File Sharing by default. If you want to set advanced options
such as permissions, caching and a user limit, you need to disable
this option first. From the Tools menu in My Computer
choose Folder Options, disable the option Use simple
file sharing on the View tab.
Here are some common methods for creating shared folders:
1. Using the Shared Folders snap-in, which is included by default
in the Computer Management console. In the console tree, click
Shares (below Computer Management|System Tools|Shared Folders).
On the Action menu, click New File Share. You will be prompted
to select the folder or drive, enter the share name and description,
and set permissions.
2. Using the following command at the command prompt: net
share sharename=drive:path
3. In Windows Explorer/My Computer right-click the folder or
drive, click Properties and then the Sharing tab. Enable the
option Share this folder, enter a name for the share, an optional
description and configure other settings as depicted in the
following image.
When you share a folder, you can set a User limit to
set a maximum amount of users that can connect to the share
simultaneously.
There
are three different share permissions that can be assigned to
groups and individual user accounts. These permissions apply
only when connecting to the share over the network. The share
permissions do not apply to users who log on to the local machine.
If you want local security use NTFS file and folder permissions.
Share permissions:
| Read |
Allows user to read files
and list the contents of folders and volumes. This allows
executing applications as well. |
| Change |
Allows the same as Read
and allows the user to modify and create files and folders. |
Full Control
|
Allows the same as Change
and allows the user to modify Share permissions as well. |
When you set permissions you can either Allow or Deny them to
a user or group. Typically you would allow a group share permissions
and deny the same permissions to certain members of that group.
The default permissions for new shares is Read to Everyone.
When you combine NTFS permissions and share permissions the
most restrictive permission counts. For example, if you create
a folder with files and assign them Full Control NTFS permissions
to Everyone and share the same folder and assign the share
permission Read to Everyone, users connecting through the
network will have Read permissions.
To assign share permissions in Windows Explorer/My Computer
right-click the folder or drive, and then click Properties
and then the Permissions button on the Sharing
tab. Under Group or user names: select or add a group
or user, and allow or deny one of the permissions
listed in the table above.
By default, Windows XP creates several hidden administrative
shares:
| Share |
Purpose |
| Admin$ |
This is the system root,
usually C:\Windows, Administrators are assigned Full Control
share permissions. |
| Print$ |
This is the %systemroot%\System32\Spool\Drivers
folder, this folder is created when printers are shared
to allow clients to automatically download the printer
drivers. Administrators and Power users are assigned Full
Control share permissions, Everyone is assigned Read permission. |
C$, D$, E$, etc.
|
Each volume on a hard
disk is shared. to provide easy access of the entire volume
to Administrators. Administrators are assigned Full Control
share permissions. |
You can also create hidden shares yourself by adding a $ sign
to the end of the share's name.
Users can connect to a share in several ways, for example:
1. Using My Network Places/Windows Explorer you can browse to
the share or use the Add Network Place wizard.
2. Using a direct UNC path, for example: //FileServer12/ShareX
3. Using My Network Places/Windows Explorer or the net
use command to map a drive letter to a share.
Offline Files
Back to top
Offline Folder allows user to cache the contents
of a share and make it available offline, so they can access
the files and some programs, even when they are not connected
to the network. To allow a shared folder to be cached offline,
in Windows Explorer/My Computer right-click the folder or drive,
click Properties and then the Caching button
on the Sharing tab.
If you enable the option Allow caching of
files in this shared folder you can choose one of the following
three settings:
| Manual
caching of documents |
This is the the default
setting when you enable caching. Users will be able to
manually select the files they want to make available
offline. |
| Automatic
caching of documents |
Each file that is opened
from this share will automatically be copied to the Offline
Files folder. |
Automatic
caching of programs and documents
|
This setting allows caching
of files that are read-only such as program files. |
To enable and configure the Offline Files feature on a client
computer, from the Tools menu in My Computer choose
Folder Options and click the Offline Files
tab. Here you can disable/enable Offline Files, configure synchronization
at logon and/or logoff, enable encryption for all offline files,
and set the maximum amount of disk space used for offline files
(default is 10% of drive space). When you click the Advanced
button, you can also view and delete the offline files,
and configure what action should be taken when the network connection
is lost.
Before files are actually cached on your client, you need to
select the shares you wish to make available offline. You can
do this simply by right-clicking a drive mapping, and choosing
Make available offline.
Additonal Resources
- Description
of the FAT32 File System in Windows XP
- HOW
TO: Convert a FAT16 or FAT32 Volume to NTFS in Windows XP
- File
compression overview
- How
to Share and Set Permissions for Folders and Files Using Windows
XP
- Description
of File Sharing and Permissions in Windows XP
 |
|
|
| |
Current related
exam objectives for the 70-270 exam:
Implementing and Conducting Administration of Resources:
Monitor, manage, and troubleshoot access to files and folders.
- Configure, manage, and troubleshoot file compression.
- Control access to files and folders by using permissions.
- Optimize access to files and folders.
Manage and troubleshoot access to shared folders.
- Create and remove shared folders.
- Control access to shared folders by using permissions.
Configure and manage file systems.
- Convert from one file system to another file system.
- Configure NTFS, FAT32, or FAT file systems.
Manage and troubleshoot access to and synchronization of offline
files. |
Click
here for the complete list of exam objectives.
|
Discuss this TechNote here |
Author:
Johan Hiemstra |
|
|
|
Members-only
Printer-friendly version
