Managing file services - Training Guide Administering Windows Server 2012 R2 (2014)

Training Guide Administering Windows Server 2012 R2 (2014)

Chapter 9. Managing file services

The management of file servers is an important, if somewhat less than invigorating, task that Windows Server administrators need to perform on a regular basis because file servers are the most commonly deployed workload for computers running a Windows Server operating system. The main thing that administrators need to ensure is that file servers remain available. To ensure that a file server remains available, you need to be able to control what files are stored there, not only by type and size, but also by age and content. In this chapter, you’ll learn how to use File Server Resource Manager (FSRM) to control the type of files that are stored on file servers. You’ll learn how to simplify the location of specific shared folders in an organization that has a large number of file servers. You’ll also learn how to protect volumes and individual files with encryption.

Lessons in this chapter:

Image Lesson 1: Configuring File Server Resource Manager

Image Lesson 2: Configuring a Distributed File System

Image Lesson 3: Configuring file and disk encryption

Before you begin

To complete the practice exercises in this chapter:

Image You need to have deployed computers SYD-DC, MEL-DC, and ADL-DC, as described in the Introduction, using the evaluation edition of Windows Server 2012 R2.

Lesson 1: Configuring File Server Resource Manager

File Server Resource Manager (FSRM) enables you to simplify the management of file servers by the following:

Image Enabling you to apply storage quotas

Image Using file screens

Image Performing file classification

Image Generating reports on the properties of volumes, folder trees, and folders

In this lesson, you’ll learn how to stop users from consuming more than a specified amount of storage space in a folder, how to block them from writing specific file types to a folder, and also learn how to generate reports listing the biggest files stored on a volume, and files that have not been accessed recently.

After this lesson, you will be able to:

Image Configure quotas.

Image Configure file screens.

Image Enable file classification.

Image Configure file management tasks

Image Generate storage reports.

Estimated lesson time: 45 minutes

Configuring quotas

Image

Quotas enable you to control the amount of storage space consumed by a user on a volume, folder tree, or individual folder. In previous versions of the Windows server operating system, NTFS quotas enabled you to apply quotas on a per-volume basis. FSRM quotas are more sophisticated, enabling you to apply different quotas to different folder trees on the same volume.

You apply quotas to different locations using a quota template. As Figure 9-1 shows, a quota template enables you to specify a space limit, determine whether the quota is hard or soft, and provide notification thresholds.

Image

FIGURE 9-1 Quota template

The difference between a hard quota and a soft quota is as follows:

Image A hard quota blocks users from exceeding the specified limit. They can’t write additional data to the folder tree to which the quota template applies.

Image A soft quota doesn’t block users from exceeding the specified limit.

You can configure notification thresholds at any percentage of the quota, including values above the quota value, such as 150 percent. Each notification threshold can be configured separately. You can configure the following options at a notification threshold:

Image Threshold Value at which the threshold action is triggered.

Image E-mail Sends an email message when storage utilization exceeds the threshold value.

Image Event Log Writes an item to the event log when storage utilization exceeds the threshold value.

Image Command Runs a command when storage utilization exceeds the threshold value.

Image Report Generates a report when storage utilization exceeds the threshold value.

Configuring file screens

Image

File screens enable you to block specific file types, on the basis of the file name extension, from being written to volumes, folder trees, or individual folders. You configure file screens by selecting a specific file group to the screen or by selecting a file screen template and applying it to a specific location.

A file group is a collection of file types associated with a particular kind of file. For example, the Image Files file group includes the file extensions associated with common image file formats such as .bmp, .jpg, .gif, and .png. You can edit which file extensions are associated with existing file groups or create custom file groups.

A file screen template, shown in Figure 9-2, includes file groups, email settings, event log settings, command prompt settings, and report settings related to the file screen. You use these additional settings to configure a response when a user attempts to write a file to a location that is screened.

Image

FIGURE 9-2 File screen template

Real World: Getting around file screens

Clever users can get around file screens by changing the file name extension. If you find a clever user who perpetrates this type of shenanigan, draft her into the IT department.

A file screen exception enables you to create an exemption to an existing file screen. For example, you might have a file screen that blocks a number of file types being written to a specific volume, but you might need to allow one of those blocked file types to be written to a specific folder on that volume. To deal with this scenario, you configure a file screen exception. You specify the exception path, as shown in Figure 9-3, and the file groups to be excluded from screening. The exception applies only to the specified path.

Image

FIGURE 9-3 File screen exception

Image Quick check

Image You want to allow file types to be written to a subfolder that are blocked by a file screen applied to the folder. How can you accomplish this goal?

Quick check answer

Image Configure a file screen exception.

Enabling file classification

File classification enables you to apply metadata to files based on file properties. File classification properties can use one of the following property types:

Image Yes/No A Boolean value of either YES or NO. When multiple values apply, NO overrides YES.

Image Date-Time A date and time property.

Image Number A numeric property.

Image Multiple Choice List A list of values that can be assigned to a property. Multiple values are allowed.

Image Ordered List A fixed list of values. If multiple values apply, the one closest to the top of the list is used.

Image String A text string that can be assigned to the property.

Image Multi-string A list of strings that can be assigned to a property.

Figure 9-4 shows a file classification property.

Image

FIGURE 9-4 File classification property

A file classification rule applies a property to a file. When configuring a classification rule, you specify a scope, a classification mechanism, the property to be assigned to the file, and additional classification parameters.

Configuring file management tasks

File management tasks enable you to perform operations, from simply moving files to running a program (as shown in Figure 9-5) on files that have a specific classification property applied. For example, you can configure a file management task to automatically move files over a certain age to a shared folder on another server. When configuring a file management task, specify the following:

Image The scope of files to be checked for a condition

Image The condition checked for

Image The action taken

Image The task schedule

Image Notification and report settings

Image

FIGURE 9-5 File management task

Generating reports

Image

A storage report enables you to generate information about the type and nature of files stored on a storage server. Storage reports give you the information that you need to configure effective file screens and quotas. FSRM in Windows Server 2012 and Windows Server 2012 R2 support the following storage reports:

Image Duplicate Files Enables you to locate duplicate files.

Image File Screening Audit Enables you to generate a list of files blocked by a file screen on a per-user basis.

Image Files By File Group Lists files by file group. For example, all files on a file share that match the properties of the Office Files file group. You configure file groups when configuring file screens.

Image Files By Owner Enables you to view files by owner. You can use this report to determine which users are consuming a disproportionate amount of disk space.

Image Files By Property Enables you to view files on the basis of file classification property.

Image Folders By Property Enables you to view folders on the basis of classification property.

Image Large Files A report of files that are larger than a specified size.

Image Least Recently Accessed Files A report of files that have not been accessed in a specified number of days.

Image Most Recently Accessed Files A report of files that have been accessed in a specified number of days.

Image Quota Usage A report of information on quotas where the quota usage exceeds a benchmark value.

When you want to generate reports, you create a report task. You use the Storage Reports Task Properties dialog box, shown in Figure 9-6, to configure which reports to include in a report task. You can also configure the parameters and scope of the reports. The parameters and scope of the reports determine which folders will be checked, whether the reports are emailed, and how often the reports are generated. Reports can be output in HTML, DHTML, XML, CSV, and Text format. Reports can also be run on an on-demand basis if necessary.

Image

FIGURE 9-6 Configure storage reports

Note: File Server Resource Manager

For more information about FSRM, consult the following TechNet article at http://technet.microsoft.com/en-us/library/hh831701.aspx.

Lesson summary

Image Quotas enable you to apply limits on the amount of data that a user can store in a particular folder or folder tree.

Image File screens enable you to block users from writing specific types of files to folders.

Image File classification enables you to assign metadata to files based on file properties.

Image File management tasks enable you to perform tasks on files based on the file metadata.

Image Storage reports enable you to generate reports about files stored in particular locations, including largest files, least recently accessed files, and duplicate files.

Lesson review

Answer the following questions to test your knowledge of the information in this lesson. You can find the answers to these questions and explanations of why each answer choice is correct or incorrect in the “Answers” section at the end of this chapter.

1. You want to stop users from saving audio and video files to shared folders hosted on your organization’s Windows Server 2012 R2 file servers. You have installed FSRM on each file server. Which of the following must you configure to accomplish this goal?

A. File Classification Rule

B. File Screen

C. File Screen Template

D. File Groups

2. You have configured a file screen for the Research shared folder. This file screen currently blocks all files except Office document files. You want to keep this file screen in place, but allow compressed files, which can’t be written to the Research folder, to be able to be stored in the Old_Projects folder, a subfolder of the Research folder. It should not be possible for users to store compressed files in the Research folder or in other subfolders of the Research folder. Which of the following should you configure to accomplish this goal?

A. File Screen Template

B. File Screen Exception

C. Classification Rule

D. File Groups

3. You want to apply the same file screen to 20 different shares hosted on a Windows Server 2012 R2 file server. This file screen includes six different file groups. Which of the following should you configure to minimize the amount of work you need to do to accomplish this goal?

A. Configure a file