CHAPTER 18

                              MANAGING DATA STORAGE

 

 

Lesson 1:  Managing NTFS Compression

 

 

Microsoft Windows 2000 File System (NTFS) compression enables you to compress files and

folders.  Compressed files and folders occupy less space on an NTFS-Formatted volume,

which enables you to store more data.  Each file and folder on an NTFS volume has a

compression state, which is either compressed or uncompressed.

 

 

Using Compressed Files and Folders

 

Compressed files can be read and written to by any Microsoft Windows based or MS-DOS

based application without first being uncompressed by another program.

 

When an application, such as Microsoft Word for Windows, or an operating system command,

such as Copy, request access to a compressed file, NTFS automatically uncompresses the file

before making it available.  When you close or explicitly save a file, NTFS compresses it again.

 

If you copy a compressed file to an NTFS volume with enough space for the compressed file,

but not enough space for it when it is uncompressed, you may get an error, stating there is not

enough disk space for the file.  The file will not be copied to the volume.

 

 

Compressing Files and Folders:

 

You can set the compression state of folders or files, and you can change the color that is used

to display compressed files and folders in Windows Explorer.

 

Right click Properties/ Advanced button.  In the Advanced attributes, select compress contents

to save disk space check box.

 

NOTE:  NTFS encryption and compression are mutually exclusive.  Therefore, if you select the

Encrypt Contents to Secure Data check box, you can’t compress the folder or file.

 

 

 

 

======================================================================

 

winpro18.html                                                PAGE 2                                                        2001/12/12

 

 

 

 

IMPORTANT

 

To change the compression state for a file or folder, you must have Write Permission for that file

or folder.

 

 

The compression state for a folder doesn’t reflect the compression of the files and subfolders in

that folder.  A folder can be compressed, yet all of the files in that folder can be uncompressed. 

Alternatively, an uncompressed folder can contain compressed files.  When you compress a

folder, Windows 2000 displays the Confirm Attribute changes dialog box, which has the two

additional options:

 

 

Apply Change to This            Compress only the folder that you have selected

Folder Only

 

Apply Changes to This          Compress the folder and all subfolders and files

Folder, Subfolder, and           that are contained within it and added to it

Files subsequently.

 

 

 

NOTE:  Windows 2000 doesn’t support NTFS compression for cluster sizes larger than

4KB because compression on large clusters causes performance degradation.  If you select

a larger cluster size when you format an NTFS volume, compression isn’t available for that

volume.

 

 

Selecting an Alternate Display Color for Compressed Files and Folders

 

• Windows Explorer/Tools Menu/Folder Options.
• View tab/Display Compressed Files and Folders with Alternate color check box.

 

 

Copying and Moving Compressed Files and Folders

 

Specific rules determines whether the compression state of files and folders is retained when

you copy or move them within and between NTFS and FAT volumes.  The following list

describes how Windows 2000 treats the compression state of a file or folder when you copy

or move a compressed file or folder within or between NTFS volumes or between NTFS and

FAT volumes.

 

Copying a file within an NTFS volume.  The file inherits the compression state of the target folder. 

For example, if you copy a compressed file to an uncompressed folder, the file is automatically

uncompressed.  (See figure A, next page)

 

 

======================================================================

 

winpro18.html                                                PAGE 3                                                        2001/12/12

 

 

 

 

Copying a file or folder between NTFS volumes.  The file or folder inherits the compression state

of the target folder.   (See Figure C)

 

Moving a file or folder within an NTFS volume.  The file or folder retains its original compression

state.  For example, if you move a compressed file to an uncompressed folder, the file remains

compressed.  (See Figure B)

 

Moving a file or folder between NTFS volumes. The file or folder inherits the compression

state of the target folder.  Windows 2000 treats a move as a copy and then a delete, the file

inherits the compression state of the target folder.(See Figure C)

 

Moving or copying a file or folder to a FAT volume.  Compression is only supported by

Windows 2000 or NTFS.  When you move or copy a compressed NTFS file or folder to a FAT

volume, Windows 2000 automatically uncompresses the file or folder.

 

Moving or copying a compressed file or folder to a floppy disk.  When you move or copy a

compressed NTFS file or folder to a floppy disk, Windows 2000 automatically uncompresses the

file or folder.

 

 

NOTE:  Windows 2000 doesn’t support NTFS compression for cluster sizes larger than 4KB

because compression on large clusters causes performance degradation.  If you select a larger

cluster size when you format an NTFS volume, compression isn’t available for that volume.

 

 

Using NTFS Compression

 

Because some file types compress more than others, select file types to compress based on the

anticipated resulting file size.   Bitmaps will often compress to less than 50%.

 

Do not store compress files, such as PKZIP files, in a compressed folder.

There is no gain in space with a PKZIP file.  It is a waste of time!

 

To make it easier to locate compressed data, use a different display color for compressed

folders and files.

 

Compress static data rather than data than changes frequently.

 

NTFS compression can cause performance degradation when you copy and move files. 

When a compressed file is copied, it is uncompressed, copied and then compressed again

as a new file.  Compress static data rather than data then changes frequently or is copied or

moved frequently.

 

 

======================================================================

 

winpro18.html                                                PAGE 4                                                         2001/12/12

 

 

 

 

Lesson Summary:

 

•   Windows NTFS file system automatically uncompresses the file before making it available,

and when you close or explicitly save a file, NTFS compresses it again.

•   You can change the color that is used to display compressed files and folders in Windows

Explorer to distinguish them from uncompressed files and folders.

•   NTFS encryption and compression are mutually exclusive.
•   When you copy within NTFS volume, the File Inherits compression state of target folder.
•   When you move a file or folder within NTFS volume, the file or folder retains its original

compression state.

•   When you copy or move a file or folder between NTFS volumes, the file or folder inherits

the compression state of the target folder.

•   When you move or copy a compressed NTFS file or folder to a FAT volume or a floppy

disk, Windows 2000 automatically uncompresses the file or folder.

 

 

Lesson 2:  Managing Disk Quotas

 

Disk quotas allow you to allocate disk space usage based on the files and folders that users own.

 

My Computer/Explore/Properties/Quota.  You can log the Quota events in the Event Viewer.

 

Quotas are traced on a per-user basis, every user’s disk space is tracked regardless of the folder

 in which the user stores files.  (See the chart)

 

NOTE:  Disk quotas can be applied only to Windows 2000 NTFS volumes.  NOT FAT.

 

System Administrators can use disk quotas to monitor and control hard disk space by doing

the following:

 

•   Set a disk quota limit to specify the amount of disk space for each user.

 

•   Set a disk quota warning to specify when Windows 2000 should log an event, indicating that

the user is nearing his or her limit.

 

•   Enforce disk quota limits and deny user access if they exceed their limit, or allow them

continued access.

 

•   Log an event when a user exceeds a specified disk space threshold. 

 

•   By default, only members of the Administrator Group can view and change disk quota settings.

 However, you can allow users to view quota settings.

 

 

 

======================================================================

 

winpro18.html                                                PAGE 5                                                         2001/12/12

 

 

 

Determining the Status of Disk Quotas

 

You can determine the status of disk quotas in the Properties dialog box for a disk by checking the

traffic light icon and by reading the status message to its right.

 

• A red light indicates the disk quotas are disabled.
• A yellow traffic light indicates that Windows 2000 is rebuilding disk quota information.
• A green light indicates that the disk quota system is active.

 

 

Determining Best Uses of Disk Quotas

 

If you enable the disk quotas settings on the volume where Windows 2000 is installed and your

user account has disk quota limit, log  on as Administrator to install additional Windows 2000

components and applications.   You can monitor hard disk usage and generate hard disk usage

information without preventing users from saving data.  To do so, clear the Deny Disk Space to

Users Exceeding Quota Limit check box when you enable disk quotas.

 

Set more restrictive default limits for all users accounts.  If  computers running Windows 2000 P

are shared by more than one user, set disk quota limits on computer volumes so that disk space

is shared by all users who share the computer.

 

Generally, you should set disk quotas on shared volumes to limit storage for users.  Delete disk

quota entries for a user who no longer stores files on a volume.  Before you can delete a quota

entry for a user account, you or the user must remove all files that the user owns from the volume

or another user must take ownership of the files.  Quotas are useful on the Server, it keeps it

from being too big, and users being careless with their files clean-up.  This way if you have quotas

you can manage the server space more efficiently.

 

 

Lesson 3:  Increasing Security with EFS

 

The Microsoft Encrypting File System (EFS) provides encryption for data in NTFS files stored

on disk.  EFS encryption is public key-based and runs as an integrated-system service, making

it easy to manage, difficult to attack, and transparent to the file owner.

 

 

======================================================================

 

winpro18.html                                                PAGE 6                                                         2001/12/12

 

 

 

Understanding EFS

 

EFS allows users to encrypt NTFS files by using a strong public key-based 

Cryptographic scheme that encrypts all files in a folder.  Users with roaming profiles can use

the same key with trusted remote systems.

 

Backups and copies of encrypted files are also encrypted if they are in NTFS volumes.  Files

remain encrypted if you move or rename them, and encryption isn’t defeated by temporary files

created during editing and left encrypted in the paging file or in a temporary file.

 

You can set policies to recover EFS-encrypted data when necessary.

 

EFS is implemented either from Windows Explorer, or from the command line.  It can be enabled

or disabled for a computer, domain or OU by resetting recovery policy in the Group Policy console

in the MMC.

 

NOTE:  To set group policy for the domain or for an OU, your computer must be part of a

Windows 2000 domain.

 

You can use EFS to encrypt and decrypt files on remote file servers but not to encrypt data that is

transferred over the network.

 

 

Encrypting

 

The recommended method to encrypt files is to create an NTFS folder and then “encrypt” the

folder.  Folder Properties/General tab/Advanced/Encrypt Contents to Secure data box.  Folders

that are marked for encryption aren’t actually encrypted, only the files within the folder are

encrypted.

 

NOTE:  Compressed files can’t be encrypted, and encrypted files can’t be compressed.

 

 

After you encrypt the folder, when you save a file in that folder, the file is encrypted by using file

encryption keys, which are fast symmetric keys designed for bulk encryption.  The file is encrypted

in blocks, with a different file encryption key for each block.  By default, encryption provided by EFS

is standard 56-bit encryption.

 

 

 

 

 

======================================================================

 

winpro18.html                                                PAGE 7                                                         2001/12/12

 

 

 

You can use a file that you encrypted just like you would use any other file.  Encryption is transparent. 

You don’t need to decrypt a file you encrypted before you can use it.  When you open an encrypted

 file,  your private key is applied to the DDF to unlock the list of file-encryption keys, allowing the file

contents to appear in plain text.

 

 

NOTE:  Encrypted files can’t be shared.

 

 

Decrypting

 

Decrypting folder or file refers to clearing the Encrypt Contents to Secure Data check box in a folder’s

or file.

 

Using the Cipher Command

 

Windows 2000 also included command-line utilities for the richer functionality that is required for

some administrative operations.

 

 

Using the Recovery agent

 

If the owner’s private key is unavailable, a person designated as the recovery agent can open the

file using his or her own private key, which is applied to the DRF to unlock the list of file-encryption

keys.

 

NOTE  The default recovery agent is the administrator of the local computer unless the computer

is part of a domain.  In a domain, the domain administrator is the default recovery agent.

 

 

Lesson Summary:

 

•   EFS provides the core file-encryption technology for storage of NTFS files on disk.  EFS allows

users to encrypt NTFS files by using a strong public key-based cryptographic scheme that encrypts

all files in a folder.

•   You can implement EFS is either Windows Explorer or from the Command line, using commands

such as Cipher.

•   You can use EFS to encrypt and decrypt files on remote computers, but you can’t use it to

encrypt data that is transferred over the network.  Windows 2000 provides network protocols,

such as SSL, to encrypt data over the network.

 

 

 

 

======================================================================

 

winpro18.html                                                PAGE 8                                                         2001/12/12

 

 

 

 

Lesson 4:  Using Disk Defragmenter

 

When your hard disk contains a lot of fragmented files and folders, your computer takes longer to

gain access to them because it requires several additional reads to collect the various pieces. 

Creating new files and folders also take longer because the available free space on the hard disk

is scattered.

 

 

Defragmenting Disks

 

The process of finding and consolidating fragmented files and folders is called defragmenting.  Disk

defragmenter can defragment FAT, FAT32, and NTFS volumes.

 

Red indicates fragmented files.

Dark blue indicates contiguous (nonfragmented) files.

White indicates free space on the volume.

Green indicates system files, which Disk Defragmenter can’t move.

 

Lesson Summary:

 

•   Windows 2000 saves files and folders in the first available space on a hard disk and not

necessarily in an area of contiguous space.  This leads to file and folder fragmentation.

•   Disk Defragmenter also consolidates free space, making it less likely that new files will

be fragmented. 

•   Disk Defragmenter can defragment FAT, FAT32 and NTFS volumes.