Test 2 Prep.docx

14 Pages
Unlock Document

Ryerson University
Information Technology Management
ITM 315
Frank Prychidny

Chapter 5  Shared folder  A data resource made available over a network to authorized network clients  Specific permissions required for creating, reading, modifying  Groups that can create shared folders:  Administrators  Server Operators  2 Ways to create shared folders:  Computer management console – A predefined Microsoft management console application that allows you to perform a variety of administrative tasks, such as sharing and monitoring folders for both local and remote computers. My computer, manage, right click shares folder - > new share  Windows explorer interface – In start, accessories -> Windows Explorer -> make folder - > right click and pick sharing and security -> check share this folder  Net Share Command Hidden folders in My Network Place is done by placing a $ at the end of the name  Administrators have full access, everyone has read access  A shared folder has a discretionary access control list (DACL)  Contains a list of user or group references that have been allowed or denied permissions  Each reference is an access control entry (ACE); Each user or group listed in DACL is this  Accessed from Permissions button on Sharing tab of folder’s properties  Permissions only apply to network users, not those logged on directly to local machine  Deny always overrides any permissions that are allowed  i.e. if you deny a shared folder permission to a user, the user will not have that permission, even if you allow the permission for a group of which the user is a member  Share permissions apply to folders not files  Permissions on a shared folder are inherited by subfolders  Shared folders permissions provide a way to secure file resources on FAT and NTFS partitions. (They are the ONLY way to secure file resources on FAT volumes)  Default permissions on a shared folder give Everyone group read access  Should be addressed immediately when a share is created NTFS Permissions  Permissions: Privileges to access and manipulate resource objects, such as folders and printers  NTFS permissions are applied whenever a folder or file is accessed – the user may be logged on to the computer where the file is located or may access the file across a network connection.  NTFS permissions are configured vie the Security tab which is accessed by right-clicking any file or folder and clicking Properties.  Access denial always overrides permitted access  NTFS folder permissions are inherited unless otherwise specified  NTFS permissions can be set at file or folder level  Permissions are Cumulative  NTFS file permissions take priority over NTFS folder permissions.  e.g. if a user is assigned the Write permission to a folder and the Modify permission to a file in that folder, the user can both write to and modify the file  e.g. if a user has no permissions to a folder but has Change permission for a file in that folder, will the user be able to open the file? How?  (If a user has no permissions for a folder that contains a file for which the user has Change permission, the user can open the file form the file’s appropriate application by typing the full UNC or path to the file.)  When a user or group is added to an NTFS file or folder, the default permissions are:  Read  Read and Execute  List Folder Contents  Windows Server 2003 has set of standard permissions plus special permissions  14 Special permissions; advanced button in security tab Effective Permissions  Permissions that actually apply to a user can be the result of membership in multiple groups  Prior to Windows Server 2003, determining effective permissions was done manually  In Windows Server 2003, there is an Effective Permissions tab in Advanced Security Settings dialog box for resource  Shows specific permissions for a user or group Guidelines for Setting Permissions  Protect the Windows folder that contains operating system files by allowing limited access, such as Read & Execute, List Folder Contents  Protect server utility folders (containing backup software and network mgt), with access only for Administrators, Server Operators, Backup Operators  Protect software application folders with Read & Execute  Set up publicly used folders with Modify for broad user access  Give users Full Control of their own home folders  Remove general access groups such as Everyone and Users from confidential folders  Organize resources so that folders with the same security requirements are located within a folder.  For example, if users require Read permission for several application folders, store the application folders within the same folder. Then share this folder instead of sharing each individual application folder.  It is better not to assign permissions than to deny permissions  Err on the side of too much security at first, because it is easier to give users more permissions later than to take away permissions after users are used to having them  For example, if users need only to read information in a folder, and they will never delete or create files, assign the Read permission  Was folder/file copied or moved? Permissions may be inherited or lost depending on the destination  Moving files or folders  Within the same NTFS volume? Permissions are retained.  To a different volume? Permissions of the destination folder are inherited by the folder or file  Copying files or folders  Within or between NTFS volumes – permissions are inherited  Review folder permissions and share permissions by checking effective permissions (access folder’s properties, security tab, Advanced, Effective Permissions tab) – the calculation you see takes group membership and permission inheritance into account  Create a shared folder (Sharing is the only way to make folders and their contents available over the network)  In general, use NTFS permissions to better control access to files and subfolders in the shared folders Converting Fat Partion to NTFS  Does not happen reverse  Command utility: Convert Chapter 6  Basic disk  The traditional storage type  Divides physical disk space into primary partitions, extended partitions, and logical drives  All disks are automatically initialized as basic when Windows Server 2003 is installed – you must convert to dynamic  PARTITIONS function as physically separate storage units  A basic disk can contain up to 4 primary partitions OR up to 3 primary partitions and one extended partition (use extended partition to overcome the limitation of only being able to create 4 primary partitions)  One of the primary partitions is marked as Active (an active partition is where the h/w looks for the boot files to start the OS)  Divide an extended partition into segments  Each segment is a logical drive  Assign a drive letter to each logical drive and format it with a file system   Dynamic Disk:  Divides physical disk space into volumes  Some reasons for converting to dynamic disks:  Volumes can be extended  RAID volumes can be configured  Changes to disks can be made without having to restart the computer (e.g. size/re-size a dynamic disk without restarting Windows Server 2003)  Virtually no restriction to the # of volumes implemented on one disk – more flexibility  Divided into VOLUMES which can consist of a portion or portions of one or more physical disks. Dynamic disks can contain:  Simple volume – 1 Disk  Spanned volume – 2 to 32 discs  Includes disk space from multiple disks  Data is written to first disk included in spanned volume until it’s full, then next, etc.  One reason to use a spanned volume is if you have several areas of free disk space scattered across a server’s disk – combine these into one volume with its own drive letter to reduce the # of drive letters needed to make use of the space  Another reason is you need a volume that is too big for a single disk  Striped volume – 2 to 32 discs  Data stored in stripes on 2+ disks  Space on multiple disks makes up 1 logical volume  Windows Server 2003 adds data to all disks at the same rate (concurrently)  Optimizes performance (faster I/O)  RAID 5 volume - 3 to 32 discs  Data stored in stripes on 3+ disks  Windows Server allows you to configure a RAID volume in software (avoid buying RAID hardware)  A fault-tolerant striped volume  Windows Server 2003 adds a parity information stripe to each disk partition in the volume allowing data to be reconstructed if a physical disk fails  Parity is a mathematical method of determining the number of odd and even bits in a series of numbers – used to reconstruct data if one number in a sequence of numbers is lost  Because of parity calculation, writing to disk is slower; reading is faster due to multiple controllers on multiple drives where data resides  If a single disk fails, Windows can use the data and parity info on the remaining disks to reconstruct the data that was on the failed disk (after a new disk is installed)  If more than one disk fails, must recover from backup  Mirrored volume  Mirrored Volume: 2 disks  Two identical copies of a single volume on two disks  Fault-tolerant  If you need to keep 2 separate copies of all your data to prevent loss  Managing Disks  The Disk Management snap-in can be used to  Centrally configure and manage volumes  Convert a basic disk to a dynamic disk Fault Tolerance – The ability of a system to gracefully recover from hardware or software failure Redundant Array of independent disk (RAID) – is a set of standards for lengthening disk life, preventing data loss, and enabling relatively uninterrupted access to data  Hardware – On adapter; chip with battery; expensive Importing Foreign Discs – Right click on disc and choose import foreign discs option Other disk management utilities:  Check Disk/CHKDSK – Scan your disk for bad sectors and file system sectors; unavailable during the scan; 2 options: Automatically fix file system errors; Scan for and attempt recovery of bad sectors  CONVERT – Command line use to convert fat partitions to ntfs file systems; convert g: /fs:ntfs  Disk Cleanup – Allows to quickly determine how much disk space could potentially be freed up on a particular volume or partition by removing unnecessary files  Desk Defragmenter/ DEFRAG – locates fragmented folders and files and moves them to a location on the physical disk so they are in contagious order; defrag d: -f (Bath volume) –a (Analyze)  DISKPART – Configure active partition, assign driver letters, control file system mounting, create and extend volumes and partitions, implement fault tolerance schemes, import disks and more  FORMAT - Allows admin to not only specify which of the supported file systems should be
More Less

Related notes for ITM 315

Log In


Don't have an account?

Join OneClass

Access over 10 million pages of study
documents for 1.3 million courses.

Sign up

Join to view


By registering, I agree to the Terms and Privacy Policies
Already have an account?
Just a few more details

So we can recommend you notes for your school.

Reset Password

Please enter below the email address you registered with and we will send you a link to reset your password.

Add your courses

Get notes from the top students in your class.