Deploying a File Server
Skills Matrix
Technology Skill Objective Domain Objective #
File Server
• The most basic and the most universal type of application server, is found on almost every network.
• Included in every server installation include the following:
– Disk management
– Planning for fault tolerance
– Folder sharing
– Access control using share and NTFS permissions
Storage Technology
• In addition to estimating the amounts of processor speed, memory, and disk space you require, consider whether your needs call for specialized file server hardware.
– ATA versus SCSI
•Serial ATA
– Redundant Array of Inexpensive Disks (RAID)
– External Drive Arrays
•Storage area network (SAN)
Clustering Servers
• A cluster is a group of servers that all perform the same function, dividing the client load among them.
• Failover clustering provides the ultimate in scalability and fault tolerance.
• If you need more performance, you add another server to the cluster.
• If one of the servers in the cluster fails, then the others take up the slack until you can repair or replace it.
Working with Disks
• When working with disks, you must do the following:
– Select a partitioning style (MBR or GPT).
– Select a disk type (Basic or Dynamic).
– Divide the disk into partitions or volumes.
Partition Style
• Two hard disk partition styles can be used in Windows Server 2008:
– MBR — The MBR partition style has been around as long as Windows and is still the default partition
style for x86-based and x64-based computers.
– GPT — GPT has also been around for a while, but no x86 version of Windows prior to Windows Server
2008 and Windows Vista supports it. (Windows XP Professional x64 Edition does support GPT.)
Basic Disks and Partitions
• When you work with basic disks in Windows Server 2008:
– You can create up to four primary partitions.
Dynamic Disks
Simple and Spanned Volumes
• Simple volume
– Consists of free space contained on a single physical disk.
– You can configure all of the available space on a disk as a simple volume, or you can configure multiple
simple volumes using the space on a single disk.
• Spanned volume
– Made up of free space from multiple physical disks. – Spanned volumes are not fault-tolerant.
•If you lose one disk in the volume, you will lose all data contained on all disks.
Striped Volume
• Made up of free space from multiple disks.
• Unlike a spanned volume, though, a striped volume uses RAID-0 striping to interleave the data across the disks.
• Improves the read performance of the volume.
• Striped volumes are also not fault-tolerant and will not withstand the loss of a disk in the volume.
Mirrored Volume
• Fault-tolerant volume consisting of two
physical disks, in which the data on one disk is copied exactly onto the second disk.
RAID-5 volume
• A fault-tolerant volume where data is interleaved across three or more disks much in the same way as in a striped volume.
• Has additional information known as parity.
• If one disk in a RAID-5 volume fails, the data
contained on the failed disk can be rebuilt using the parity information stored on the disks in the rest of the volume.
File Systems
• In Windows Server 2008, three file system options are available: NTFS, FAT32, and FAT (also known as FAT16).
• NTFS is the preferred file system for a file server.
– The main benefits are improved support for larger hard drives and better security in the form of encryption and permissions that
Reasons for File Sharing
• To enable users to collaborate on projects by sharing files.
– To back up document files more easily.
– To protect company information by controlling access to documents.
– To reduce the number of shares needed on the network.
– To prevent the need to share access to workstations. – To monitor users’ storage habits and regulate their
disk space consumption.
Arranging Shares
• A well-designed sharing strategy provides each user with three resources:
– A private storage space, such as a home folder, to which the user has exclusive access.
– A public storage space, where each user can store files that they want colleagues to be
able to access.
Permissions
• Permissions are privileges granted to specific system entities, such as users, groups, or computers, enabling them to perform a task or access a resource.
– Share permissions
– NTFS permissions
– Registry permissions
Permissions
• When you assign permissions to a system element, you are, in effect, creating a new ACE in the element’s ACL.
• There are two basic types of ACE:
– Allow
Inheriting Permissions
• Permissions tend to run downwards through a hierarchy.
Effective Permissions
• The combination of Allow permissions and Deny permissions that a security principal receives for a given system element,
whether explicitly assigned, inherited, or received through a group membership:
– Allow permissions are cumulative.
– Deny permissions override Allow permissions.
Combining Share and NTFS Permissions • On networks already possessing a
well-planned system of NTFS permissions, share permissions are not really necessary.
• You can safely grant the Full Control share permission to Everyone, overriding the
default Read permission, and allow the NTFS permissions to provide security.
Mapping Drives
• Make sure that users can access their folders.
– the Folder Redirection settings in Group
Policy to map each user’s Documents folder to his or her home folder on the network
share.
Shadow Copies
• Shadow Copies is a Windows Server 2008
mechanism that automatically retains copies of files on a server volume in multiple versions from specific points in time.
• When users accidentally overwrite or delete files, they can access the shadow copies to restore
earlier versions.
• Shadow Copies is a file-based fault tolerance mechanism that does not provide protection
against disk failures, but it does protect against the minor disasters that inconvenience users and
Offline Files
• A mechanism that individual users can employ to maintain access to their server files, even if the network service fails.
• Windows workstations copy server-based
folders that users designate for offline use to the local drive, and the users work with the copies, which remain accessible whether the computer is connected to the network or not. If the network connection fails, or the user
Offline Files
• When the computer reconnects to the network, a synchronization procedure replicates the files between server and workstation in whichever direction is necessary.
• If there is a version conflict, such as when
users have modified both copies of a file, the system prompts the user to specify which
Backing Up
• Server administrators should understand
that none of the fault-tolerance mechanisms are substitute for a reliable backup solution.
• Regular backups to an offline, and
preferably offsite, medium enable you to
Summary
• Planning is a critical part of a file server
deployment. Your deployment plan should
specify how many file servers you need, what hardware they should have, how you will
configure them, how you will share the server data, and how you will protect the data.
Summary
• Windows Server 2008 supports two hard
disk partition types: MBR and GPT; two disk types: basic and dynamic; five volume types: simple, striped, spanned, mirrored, and
RAID-5; and two file systems: NTFS and FAT.
• Creating folder shares makes the data
Summary
• Windows Server 2008 has several sets of permissions that operate independently of each other including NTFS permissions,
Summary
• NTFS permissions enable you to control
access to files and folders by specifying the tasks individual users can perform on them. Share permissions provide rudimentary
access control for all of the files on a
network share. Network users must have the proper share and NTFS permissions to
access file server shares.
