Windows XP support the following file systems:
Disks formatted with the FAT file system can be accessed by MS-DOS,
all versions of Windows, and OS/2. The maximum supported volume size
is 4 GB, the maximum file size is 2 GB. This file system should only
be used on removable media such as floppy disks and hard disks smaller
than 512 MB.
The faster file system FAT32 is often used in multi-boot situations
with operating systems that do not support NTFS. Disks formatted with
the FAT32 file system are supported by Windows 95 OSR2, Windows 98
and ME, Windows 2000, and Windows XP. Windows NT 4 and earlier cannot
access FAT32 volumes. The maximum supported volume size for FAT32
is 2 TB, but Windows XP can format up to 32 GB only. The maximum file
size is 4 GB. The minimum size for a FAT32 volume is 512 MB. You cannot
format removable media such as floppy disks with FAT32.
Disks formatted with NTFS version 5 can only be accessed by Windows
NT 4.0 with Service Pack 4 or higher, Windows 2000, and Windows XP.
NTFS supports a volume size over 2 TB and the maximum file size is
limited only by the available free space. You cannot format removable
media such as floppy disks with NTFS. Besides being able to handle
large disks, NTFS is the preferred file system for Windows 2000 and
XP because of the extra features it offers, including:
- File and folder permissions - (discussed below)
- File and folder compression - (discussed below)
- Encrypted File System (EFS) - (see EFS
- Disk Quotas - Allows quotas to be assigned to users for disk space
usages per volume. Quotas are only available on NTFS volumes
and can be enabled and configured on the Quota tab on a volume's Properties
This is the file system used on compact discs. You cannot format regular
disks with this file system.
Converting File Systems
You can convert FAT file systems to NTFS using the following command:
convert c: /fs:ntfs
The convert utility cannot be used to convert from NTFS to another
file system. For example if you converted a FAT32 partition to NTFS
and you want to revert it back to FAT32, you will have to create a
full backup, reformat the drive with FAT32, and restore the backup.
FILE AND FOLDER COMPRESSION
Compression allows compression of individual files and folders, as
well as entire NTFS drives. The process of compression and decompression
is transparent to the user. For example, when a user opens a document
from a NTFS compressed disk, the document is decompressed automatically,
when the user saves the document it is compressed again. This process
might decrease your computer’s performance; it's best to compress
static data and only if it really saves space, you don't want to waste
CPU cycles compressing a ZIP file for example. An NTFS-compressed
file cannot be encrypted, and an encrypted file cannot be compressed.
If you do enable compression for an encrypted file, the file will
lose it's encryption attribute before it is compressed.
You can enable compression for a volume when you format it. To enable
compression on an existing volume, right-click it and choose Properties
from the context menu, on the General tab enable the option
Compress drive to save disk space. To compress a file or
folder, right-click it and choose Properties from the context
menu, click the Advanced button and below Compress and
Encrypt attributes enable the option Compress contents to
save disk space. When you enable compression on a folder or volume,
Windows will ask if you want to enable compression for all the files
and subfolders in the folder or volume as well. Besides using Windows
Exporer, you can also use the command compact
to compress or decompress a file or folder.
When you copy a compressed file to a folder on the same,
or a different volume, it inherits the compression state of the target
folder. This works also vice versa; when you copy an uncompressed
file to a folder with compression enabled, the file will inherit the
the target's compression state and thus it will be compressed.
When you move a compressed file to a folder without compression
on the same volume, the file retains its compression attribute.
When data is moved within the same volume, the data is not actually
relocated, just the pointer to it, this is why it retains the compression
attribute. When you move a compressed file to a folder without
compression on a different NTFS volume, the file inherits
the compression state of the target folder. If the target is not compressed,
or is a FAT or floppy disk, the file will be uncompressed. A move
between volumes is actually considered a copy; after the source file
is copied to the target volume the source file is deleted.
By default, compressed files and folders are displayed in a different
color, you can change this by choosing
Folder Options in the Tools menu of My Computer/Windows
Explorer. Click on the View tab and enable the option:
Show encrypted or compressed NTFS files in color.
Compressed (zipped) Folders
A new feature introduced in Windows XP is Compressed Folders.
These are ZIP files that can be used like regular folders, with some
limitations and some advantages. The main limitation is that many
programs can't be run directly from the ZIP file because they might
depend on files outside the Compressed Folder. Also you cannot save
files to a compressed folder (zip file), you have to use drag and
drop or copy and paste. Some advantages of Compressed (zipped) Folders
are that they can easily be transported on removable media and the
Internet, they can be used on FAT partitions, and they can be protected
with a password. Compressed Folders are not available on Windows XP
The easiest way to create a Compressed Folder is by right-clicking
the desktop, point to New, and then select Compressed
(zipped) Folder. You can also use the File menu in My
Computer. A Compressed Folder is represented by a Folder icon
with a zipper.
NTFS FILE PERMISSIONS
One of the main reasons to use NTFS is the possibility to assign permissions
for individual files and folders. Each file and folder on an NTFS
volume contains an Access Control List (ACL). This list is filled
with entries for groups and individual user accounts and their corresponding
permissions. When a user tries to access a resource, Windows XP checks
the ACL if the user is listed and what level of permission is assigned.
The following permissions can be assigned for files and folders:
||Allows user read files and list
the contents of folders, subfolders and volumes, including the
attributes, permissions and ownership of the files.
the same as Read and additionally allows the user to modify
and create files and (sub-)folders as well as changing attributes.
the same as Read and additionally allows users to run applications.
as Read plus Write and and additionally allows executing applications
everything permitted by the other permissions and and additionally
a user with Full Control can change permissions and take ownership
For folders only, the following additional permission can be assigned:
user to read files and list the contents of folders and volumes,
user with this permissions can only see the files and folders,
not read or change them.
To assign NTFS permissions in Windows Explorer/My Computer, right-click
a file, folder, or drive, and click Properties and then the
Security tab. If your computer is not a member of a domain,
you have to disable the option Use simple file sharing on
the View tab of Folder Options before you can see the Security
Under Group or user names: on the Security tab,
select or add a group or user, and allow or deny
one of the permissions listed in the table above. Denying permissions
is usually only done to make an exception, for example, you could
allow Modify permission for the Sales group and deny
the same permission for certain user account in the Sales group.
are cumulative. For example, John is a member of the Sales group and
the Management group. Sales has been allowed Modify permissions for
the folder Sales_reports and the files in it. Management has been
allowed Read permissions for the same folder and the files in it.
John's effective permissions in this case is Modify.
File permissions override folder permissions. For
example, if user David has been allowed Read permissions for the folder
and Full Control permissions for a file work.doc, his effective
permissions for the work.doc file is Full Control.
In addition to the permissions listed in the tables above, you can
also assign special permissions by clicking the Advanced
button on the Security tab.
When a user creates a file or folder Windows XP automatically assigns
Full Control permissions to the creator/owner. You can take ownership
of a file by replacing the owner with your own account or with one
of the groups you are a member of. You must have Full Control or the
special permissions Take Ownership to be able to take ownership of
a file or folder.
SHARED FOLDERS & PERMISSIONS
A shared folder (commonly referred to as a share)
is a folder or entire volume that is published on the network and
can be remotely accessed by other users. The shared folder can be
used as if it were a local folder; to store data, and even to run
applications from the share over the network. Members of the built-in
group Administrators, Server Operators and Power Users can share folders.
If the shared folder is located on an NTFS volume, users need at least
the NTFS permission Read for the local folder to be able to access
it, regardless of the share permissions assigned to it.
A Windows XP client that is not a member of a domain uses Simple
File Sharing by default. If you want to set advanced options
such as permissions, caching and a user limit, you need to disable
this option first. From the Tools menu in My Computer choose
Folder Options, disable the option Use simple file sharing
on the View tab.
Here are a couple of common ways to create a shared folder:
1. Using the Shared Folders snap-in, which is included by default
in the Computer Management console. In the console tree, click Shares
(below Computer Management|System Tools|Shared Folders). On the Action
menu, click New File Share. You will be prompted to select the folder
or drive, enter the share name and description, and set permissions.
2. Using the following command at the command prompt: net
3. In Windows Explorer/My Computer right-click the folder or drive,
click Properties and then the Sharing tab. Enable the option Share
this folder, enter a name for the share, an optional description and
configure other settings as depicted in the following image.
When you share a folder, you can set a User limit to set
a maximum amount of users that can connect to the share simultaneously.
There are three different share permissions that can be assigned to
groups and individual user accounts. These permissions apply only
when connecting to the share over the network. The share permissions
do not apply to users who log on to the local machine. If you want
local security use NTFS file and folder permissions.
user to read files and list the contents of folders and volumes.
This allows executing applications as well.
the same as Read and allows the user to modify and create files
Allows the same as Change and allows the user to modify Share
permissions as well.
you set permissions you can either Allow or Deny them to a user or
group. Typically you would allow a group share permissions and deny
the same permissions to certain members of that group. The default
permissions for new shares is Read to Everyone.
When you combine NTFS permissions and share permissions the most restrictive
permission counts. For example, if you create a folder with files
and assign them Full Control NTFS permissions to Everyone
and share the same folder and assign the share permission
Read to Everyone, users connecting through the network will have Read
To assign share permissions in Windows Explorer/My Computer right-click
the folder or drive, and then click Properties and then the
Permissions button on the Sharing tab. Under Group
or user names: select or add a group or user, and allow
or deny one of the permissions listed in the table above.
By default, Windows XP creates several hidden administrative shares:
is the system root, usually C:\Windows, Administrators are assigned
Full Control share permissions.
is the %systemroot%\System32\Spool\Drivers folder, this folder
is created when printers are shared to allow clients to automatically
download the printer drivers. Administrators and Power users
are assigned Full Control share permissions, Everyone is assigned
D$, E$, etc.
Each volume on a hard disk is shared. to provide easy access
of the entire volume to Administrators. Administrators are assigned
Full Control share permissions.
You can also create hidden shares yourself by adding a $ sign to the
end of the share's name.
Users can connect to a share in several ways, for example:
1. Using My Network Places/Windows Explorer you can browse to the
share or use the Add Network Place wizard.
2. Using a direct UNC path, for example: //FileServer12/ShareX
3. Using My Network Places/Windows Explorer or the net
use command to map a drive letter to a share.
Offline Folder allows user to cache the contents of a share and make
it available offline, so they can access the files and some programs,
even when they are not connected to the network. To allow a shared
folder to be cached offline, in Windows Explorer/My Computer right-click
the folder or drive, click Properties and then the Caching
button on the Sharing tab.
If you enable the option Allow caching of files in this shared
folder you can choose one of the following three settings:
caching of documents
is the the default setting when you enable caching. Users will
be able to manually select the files they want to make available
caching of documents
file that is opened from this share will automatically be copied
to the Offline Files folder.
caching of programs and documents
This setting allows caching of files that are read-only such
as program files.
To enable and configure the Offline Files feature on a client computer,
from the Tools menu in My Computer choose Folder Options
and click the Offline Files tab. Here you can disable/enable
Offline Files, configure synchronization at logon and/or logoff, enable
encryption for all offline files, and set the maximum amount of disk
space used for offline files (default is 10% of drive space). When
you click the Advanced button, you can also view and delete
the offline files, and configure what action should be taken when
the network connection is lost.
Before files are actually cached on your client, you need to select
the shares you wish to make available offline. You can do this simply
by right-clicking a drive mapping, and choosing Make available
of the FAT32 File System in Windows XP
TO: Convert a FAT16 or FAT32 Volume to NTFS in Windows XP
to Share and Set Permissions for Folders and Files Using Windows XP
of File Sharing and Permissions in Windows XP
related exam objectives for the 70-270 exam:
Implementing and Conducting Administration of Resources:
Monitor, manage, and troubleshoot access to files and folders.
- Configure, manage, and troubleshoot file compression.
- Control access to files and folders by using permissions.
- Optimize access to files and folders.
Manage and troubleshoot access to shared folders.
- Create and remove shared folders.
- Control access to shared folders by using permissions.
Configure and manage file systems.
- Convert from one file system to another file system.
- Configure NTFS, FAT32, or FAT file systems.
Manage and troubleshoot access to and synchronization of offline files.
Date: Saturday, April 15, 2003
MCSE NT4 MCSA 2000/2003
CCNA CCDA CNA Security+ CWNA