Chapter 5 Configuring, Managing, and Troubleshooting Resource Access

Slides:



Advertisements
Similar presentations
MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646) Chapter 2 Installing Windows Server 2008.
Advertisements

1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
1 Distributed File System, and Disk Quotas (Week 7, Thursday 2/21/2007) © Abdou Illia, Spring 2007.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 7: Advanced File System Management.
MIS Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.
10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
MIS 431 Chapter 71 Ch. 7: Advanced File Management System MIS 431 Created Spring 2006.
70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.
Lesson 4: Configuring File and Share Access
Chapter 4 Introduction to Active Directory and Account Management
By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.
5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management.
Chapter 10 Chapter 10: Managing the Distributed File System, Disk Quotas, and Software Installation.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.
1 Using Compressed Files and Folders Applications and operating systems read and write to compressed files. NTFS uncompresses the file before making it.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
MCSE Guide to Microsoft Windows 7 Chapter 5 Managing File Systems.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW Create and manage file system shares and work with.
Guide to Operating System Security Chapter 5 File, Directory, and Shared Resource Security.
Chapter 5 File and Printer Services
9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 6: Windows File and Print Services.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 7: Advanced File System Management.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management.
Gorman, Stubbs, & CEP Inc. 1 Introduction to Operating Systems Lesson 12 Windows 2000 Server.
Chapter 6 Configuring Windows Server 2008 Printing
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 5: Managing File Access.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.
Managing Groups, Folders, Files and Security Local Domain local Global Universal Objects Folders Permissions Inheritance Access Control List NTFS Permissions.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.
1 Chapter Overview Creating Drive and Folder Shares Using Distributed File System Installing Network Printers Administering Network Printers Managing Share.
1 Administering Shared Folders Understanding Shared Folders Planning Shared Folders Sharing Folders Combining Shared Folder Permissions and NTFS Permissions.
Chapter 10 Chapter 10: Managing the Distributed File System, Disk Quotas, and Software Installation.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 11: Managing Access to File System Resources.
MCSE Guide to Microsoft Windows Vista Professional Chapter 5 Managing File Systems.
Page 1 NTFS and Share Permissions Lecture 6 Hassan Shuja 10/26/2004.
1 Chapter Overview Managing Object and Container Permissions Locating and Moving Active Directory Objects Delegating Control Troubleshooting Active Directory.
CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
Module 4: Managing Access to Resources. Overview Overview of Managing Access to Resources Managing Access to Shared Folders Managing Access to Files and.
1 Objectives Discuss File Services in Windows Server 2008 Install the Distributed File System in Windows Server 2008 Discuss and create shared file resources.
MCSE GUIDE TO MICROSOFT WINDOWS 7 Chapter 5 Managing File Systems.
Module 4: Managing Access to Resources. Overview Overview of Managing Access to Resources Managing Access to Shared Folders Managing Access to Files and.
Configuring and Managing Resource Access Lecture 5.
Windows Server 2003 檔案分享管理 林寶森
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
Planning File and Print Services Lesson 5. File Services Role The File Services role and the other storage- related features included with Windows Server.
11 SUPPORTING WINDOWS XP FILE AND FOLDER ACCESS Chapter 5.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 7: Advanced File System Management.
Lesson 4: Configuring File and Share Access
Module 4: Managing Access to Resources
Managing Data by Using NTFS
Managing Data by Using NTFS
Chapter 9: Managing Groups, Folders, Files, and Object Security
File System Management
Introducing NTFS Reliability Security Long file names Efficiency
Hands-On Microsoft Windows Server nd Edition
Presentation transcript:

Chapter 5 Configuring, Managing, and Troubleshooting Resource Access MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 5 Configuring, Managing, and Troubleshooting Resource Access

Learning Objectives Set up security for folders and files Configure shared folders and shared folder security Install and set up the Distributed File System Configure disk quotas Implement UNIX compatibility MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Managing Folder and File Security Steps for sharing resources Creating accounts and groups Create access control lists (ACLs) Types of ACLs Discretionary ACL (DACL) Configured by a server administrator or owner of an object System control ACL (SACL) Contains information used to audit the access to an object MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Managing Folder and File Security (cont’d.) DACL and SACL controls for folders and files Attributes Permissions Auditing Ownership MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Attributes Stored as header information with each folder and file Along with other characteristics including volume label, designation as a subfolder, date of creation, and time of creation Read-only and hidden attributes Set on General tab in an NTFS folder’s or file’s properties dialog box Advanced attributes Archive, index, compress, and encrypt MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Attributes (cont’d.) Figure 5-1 Attributes of a folder on an NTFS formatted disk Courtesy Course Technology/Cengage Learning MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Attributes (cont’d.) Archive attribute Checked to indicate that the folder or file needs to be backed up because it is new or changed Index Attribute vs. Windows Search Service Index attribute and accompanying Indexing Service are legacy features for continuity with earlier operating systems MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Attributes (cont’d.) Windows Search Service Install the File Services role via Server Manager Indexed files include: Files in the Documents folder for an account e-mail files Photos and multimedia files Files that are commonly accessed Maintain Windows Search Service through Control Panel MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Attributes (cont’d.) Figure 5-3 Configuring advanced indexing options Courtesy Course Technology/Cengage Learning MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Attributes (cont’d.) Compress Attribute Reduce the amount of disk space used for files Disadvantage of compressed files is increased CPU overhead to open the files and to copy them Encrypt Attribute Only user who encrypts folder or file is able to read it MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Attributes (cont’d.) Microsoft Encrypting File System (EFS) Sets up a unique, private encryption key associated with the user account that encrypted the folder or file Uses both symmetric and asymmetric encryption techniques Activity 5-1: Encrypting Files Objective: Encrypt files in a folder MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Permissions Control access to an object, such as a folder or file Use Edit button on the folder properties Security tab Change which groups and users have permissions to a folder Figure 5-4 Configuring folder permissions Courtesy Course Technology/Cengage Learning MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Permissions (cont’d.) Table 5-1 NTFS folder and file permissions MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Permissions (cont’d.) Activity 5-2: Configuring Folder Permissions Objective: Configure permissions on a folder so that users can modify its contents Inherited permissions Parent object permissions apply to child object Activity 5-3: Removing Inherited Permissions Objective: Remove inherited permissions on a folder Activity 5-4: Configuring Special Permissions Objective: Configure special permissions for a folder to grant a group expanded access MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Permissions (cont’d.) Figure 5-5 Advanced Security Settings dialog box Courtesy Course Technology/Cengage Learning MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Table 5-2 NTFS folder and file special permissions MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Auditing Track activity on a folder or file, such as read or write activity NTFS folders and files Audit combination of any or all of activities listed as special permissions Activity 5-5: Auditing a Folder Objective: Configure auditing on a folder to monitor how it is accessed and who is making changes to the folder MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Auditing (cont’d.) Figure 5-8 Folder auditing selections Courtesy Course Technology/Cengage Learning MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Ownership Folders Owned by the account that creates them Owners have ability to change permissions for folders they create Taking ownership Transfer ownership Administrator can always take ownership MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Folder and File Ownership (cont’d.) Figure 5-9 Taking ownership of a folder Courtesy Course Technology/Cengage Learning MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Shared Folders and Shared Folder Permissions Users can access over the network Changed in Windows Server 2008 from previous versions Make person offering share more aware of security options Activity 5-6: Enabling Sharing a Folder Objective: Turn on file sharing and public folder sharing MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Shared Folders and Shared Folder Permissions (cont’d.) Figure 5-10 File Sharing dialog box Courtesy Course Technology/Cengage Learning MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Shared Folders and Shared Folder Permissions (cont’d.) Figure 5-11 Sharing tab Courtesy Course Technology/Cengage Learning MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Shared Folders and Shared Folder Permissions (cont’d.) Share permissions for an object Differ from the NTFS access permissions set through the Security tab NTFS and share permissions are cumulative Four share permissions associated with a folder Reader Contributor Co-owner Owner MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Shared Folders and Shared Folder Permissions (cont’d.) Folder caching options Only the files and programs that users specify will be available offline All files and programs that users open from the share will be automatically available offline Files or programs from the share will not be available offline Activity 5-7: Configuring a Shared Folder Objective: Configure a shared folder, share permissions, and offline access MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Publishing a Shared Folder in Active Directory Publish an object Make it available for users to access when they view Active Directory contents Directory Service Client (DSClient) Software that enables older operating systems to search Active Directory Activity 5-8: Publishing a Shared Folder Objective: Publish a shared folder in Active Directory MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Troubleshooting a Security Conflict Review folder and share permissions for: User account All of the groups to which user belongs Effective Permissions tab Helps troubleshoot permissions conflicts To access: Right-click a folder or file, click Properties, click the Security tab, click the Advanced button, and click the Effective Permissions tab MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Troubleshooting a Security Conflict (cont’d.) Take into account what happens when a folder or files in a folder are copied or moved Activity 5-9: Troubleshooting Permissions Objective: View the effective permissions on a folder MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Figure 5-13 Examining effective permissions as a troubleshooting aid Courtesy Course Technology/Cengage Learning MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Implementing a Distributed File System Distributed File System (DFS) Simplify access to the shared folders on a network By setting up folders to appear as though they are accessed from only one place Makes managing folder access easier for server administrators Configured using the DFS Management tool in the Administrative Tools menu Shared folder contents can be replicated to one or more DCs or member servers MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Implementing a Distributed File System (cont’d.) Advantages Save time searching NTFS access permissions apply Fault tolerance Load balancing Improved access for Web-based internet and intranet Backups made more easily Important information is not lost when a disk drive on one server fails Users always have access to shared folders even in the event of a disk failure MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

DFS Models Stand-alone Domain-based No Active Directory implementation available to help manage the shared folders Provides only a single or flat level share Domain-based Takes full advantage of Active Directory Available only to servers and workstations that are members of a domain MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

DFS Topology Hierarchical structure of DFS in domain-based model Namespace root Main container in Active Directory Holds links to shared folders that can be accessed from the root Populated by shared folders for users to access Replication group Set of shared folders replicated or copied to one or more servers in a domain MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Installing DFS Installed as a service within the File Services role Figure 5-14 Selecting to install DFS Courtesy Course Technology/Cengage Learning MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Figure 5-15 Configuring the namespace type Courtesy Course Technology/Cengage Learning MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Installing DFS (cont’d.) Activity 5-10: Creating a Namespace Root Objective: Configure a namespace root MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Managing a Domain-Based Namespace Root System Tasks involved in managing the namespace root Creating a folder in a namespace Delegating management Tuning a namespace Deleting a namespace root Using DFS replication MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Managing a Domain-Based Namespace Root System (cont’d.) Creating a Folder in a Namespace Folder target is a path in the Universal Naming Convention (UNC) format Universal Naming Convention (UNC) Naming convention that designates network servers, computers, and shared resources Activity 5-11: Adding a Folder and Folder Target in DFS Objective: Add a folder in DFS MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Managing a Domain-Based Namespace Root System (cont’d.) Delegating Management Day-to-day activities can be managed by an assistant or by another person Right-click namespace and click Delegate Management Permissions Tuning a Namespace Configure the order for referrals Configure cache duration for a namespace or folder Configure namespace polling Configure folder targets as enabled or disabled MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Managing a Domain-Based Namespace Root System (cont’d.) Deleting a Namespace Root Delete namespace root via the DFS Management tool Click namespace root and click Delete Using DFS Replication Defined two or more folder targets Decide which server is to be the primary group member Click a folder under the namespace root in the tree of the DFS Management tool Replication is handled by the File Replication Service MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Managing a Domain-Based Namespace Root System (cont’d.) Important improvements to DFS replication Enables faster and more reliable recovery Faster for all sizes of files More efficient over LANs and WANs MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Disk Quotas Advantages of disk quotas Prevent users from filling the disk capacity Encourage users to help manage disk space Track disk capacity needs Provide server administrators with information about when users are nearing or have reached their quota limits Quotas can be set on any local or shared volume MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Disk Quotas (cont’d.) Parameters Enable quota management Deny disk space to users exceeding quota limit Do not limit disk usage Limit disk space to Set warning level to Log event when a user exceeds their quota limit Log event when the user exceeds their warning level MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Configuring Disk Quotas (cont’d.) Activity 5-12: Configuring Disk Quotas Objective: Enable disk quotas and then set a disk quota for a specific group of users MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Using UNIX Interoperability in Windows Server 2008 Subsystem for UNIX-based Applications (SUA) Provides compatibility with UNIX and Linux systems SUA functionality Run UNIX/Linux applications with few or no changes to the program source code. Run UNIX/Linux scripts Use popular UNIX/Linux shells Run most UNIX/Linux commands Run the popular vi UNIX/Linux editor MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Using UNIX Interoperability in Windows Server 2008 (cont’d.) Compiler Program that reads lines of program code in a source file and converts the code into machine-language instructions the computer can execute Script Consists of lines of commands that are executed when you run the script Shell Interface between the user and the operating system Korn or C shell MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Using UNIX Interoperability in Windows Server 2008 (cont’d.) Dynamic-link library (DLL) Contain program code that can be called and run by Windows applications Server for Network Information Services Provides a naming system for shared resources on a UNIX/Linux network MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Using UNIX Interoperability in Windows Server 2008 (cont’d.) New features for SUA More transparent ability for UNIX/Linux applications to connect to Oracle and SQL Server databases Inclusion of true 64-bit libraries New utilities Use Microsoft Visual Studio for designing UNIX/Linux applications MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Summary Discretionary access control lists Manage access to resources Folder and file attributes provide one level of security Permissions provide another level of security Folders can be shared for users to access over a network Use Effective Permissions capability to troubleshoot a security conflict MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Summary (cont’d.) Distributed File System (DFS) Disk quotas Set up shared folders that are easier for users to access and can be replicated for backup and load distribution Disk quotas Manage the resources put on a server disk volume Subsystem for UNIX-based Applications Provides compatibility with UNIX and Linux systems MCITP Guide to Microsoft Windows Server 2008, Server Administration (Exam #70-646)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.