5. PARTITIONING A BASIC DISK
Chapter 3: Managing Disks and File Systems

| Primary Partitions | Extended Partitions |
| Four primary partitions maximum, or up to three if there is an extended partition. | A basic disk can contain only one extended partition. |
| Can be marked as the active partition; the BIOS looks for the active partition to locate boot files to start the operating system (only one active partition per hard disk). | Can’t be marked as the active partition. |
| Can be formatted and assigned a drive letter. | Divided into logical drives, each of which can be formatted and assigned a drive letter. |
7. UPGRADING BASIC DISKS TO DYNAMIC DISKS

| Basic Disk Structure | Extended Partitions |
| Primary partition | Simple volume |
| Extended partition | Simple volume for each logical drive and any remaining unallocated space |
| Logical drive | Simple volume |
| Volume set | Spanned volume |
| Stripe set | Striped volume |
9. MANAGING STORAGE ON REMOTE SYSTEMS
This chapter covers configuration and management of storage devices. We will discuss hard disks, CD-ROMs, and DVD storage devices. We will also define basic and dynamic storage, volumes and partitions, and management of removable media. We will present NTFS compression and encryption, examine disk quotas, and finish with a survey of Disk Defragmenter, Chkdsk, and Disk Cleanup.
The Disk Management MMC snap-in is used for most disk configuration and management tasks. We will present some of these tasks in the next series of slides.
Many students will be familiar with the traditional basic disk. It consists of a partition table and one or more partitions whose starting and ending sectors are recorded in the partition table. Partition boundaries are rigid, and you cannot change them without restarting (and in some cases reinstalling) the operating system. Dynamic disks differ in that the information relating to storage zones (called volumes) is kept in a 1-MB database at the end of the disk. You can expand volumes and build fault-tolerant storage structures without restarting the operating system. Windows XP Professional does not support fault tolerance on dynamic disks, but it does support other features such as spanned and striped volumes and adding storage while operating.
One of the principal restrictions of basic disks is the fixed partitioning requirements.
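The basic-disk rules above (four table slots, one extended partition, one active partition that is never the extended one) can be checked directly against the partition table in the first sector of a disk image. The following Python example is added here and is not part of the original course notes; it assumes the classic MBR layout (partition table at byte offset 446, 0x55AA signature at offset 510), adds an overlap check that goes beyond the slide, and runs on constructed sample sectors.

```python
import struct

TABLE_OFFSET = 446             # four 16-byte entries, then the 0x55AA signature
EXTENDED_TYPES = {0x05, 0x0F}  # CHS and LBA extended-partition type codes

def parse_mbr(sector):
    """Return (partitions, problems) for one 512-byte MBR sector."""
    if len(sector) != 512 or sector[510:512] != b"\x55\xaa":
        raise ValueError("not an MBR sector (bad length or signature)")
    parts, problems = [], []
    for slot in range(4):
        raw = sector[TABLE_OFFSET + 16 * slot:TABLE_OFFSET + 16 * (slot + 1)]
        status, _, ptype, _, lba, count = struct.unpack("<B3sB3sII", raw)
        if ptype == 0x00:               # unused slot
            continue
        if status not in (0x00, 0x80):
            problems.append(f"slot {slot}: invalid status byte {status:#04x}")
        parts.append({"slot": slot, "active": status == 0x80, "type": ptype,
                      "extended": ptype in EXTENDED_TYPES,
                      "first_lba": lba, "last_lba": lba + count - 1})
    if sum(p["active"] for p in parts) > 1:
        problems.append("more than one active partition")
    if sum(p["extended"] for p in parts) > 1:
        problems.append("more than one extended partition")
    if any(p["active"] and p["extended"] for p in parts):
        problems.append("extended partition marked active")
    ordered = sorted(parts, key=lambda p: p["first_lba"])
    for a, b in zip(ordered, ordered[1:]):
        if b["first_lba"] <= a["last_lba"]:
            problems.append(f"slots {a['slot']} and {b['slot']} overlap")
    return parts, problems

def build_mbr(entries):
    """Constructed sample sector; entries are (status, type, first_lba, sectors)."""
    table = b"".join(struct.pack("<B3sB3sII", s, b"\0" * 3, t, b"\0" * 3, lba, n)
                     for s, t, lba, n in entries)
    return b"\0" * TABLE_OFFSET + table.ljust(64, b"\0") + b"\x55\xaa"

# Constructed samples (not from the original page).
GOOD = build_mbr([(0x80, 0x07, 63, 204800), (0x00, 0x0F, 204863, 409600)])
BAD = build_mbr([(0x80, 0x07, 63, 204800), (0x80, 0x0F, 100000, 409600),
                 (0x00, 0x05, 700000, 1000)])

if __name__ == "__main__":
    for name, disk in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, *parse_mbr(disk), sep="\n  ")
```

A table that violates these rules on a disk image under examination is worth a closer look, since standard partitioning tools do not produce one.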
You can create as many simple volumes on a dynamic disk as is practical. You can extend them by adding free disk space, and you can have them span up to 32 disks, using volumes of various sizes on each disk. A spanned volume is not fault tolerant and will lose data if one of the disks fails. Striped volumes stripe data across up to 32 disks to enhance read/write performance. Striped volumes are also not fault tolerant. Fault-tolerant volumes are not supported in Windows XP, but they are supported on Microsoft’s server products. Users who require fault tolerance might investigate hardware fault-tolerance solutions.
The table shows the results when upgrading storage from basic to dynamic. You cannot import volume sets and stripe sets into Windows XP without first upgrading the basic disks to dynamic disks. You must do this before upgrading the operating system to Windows XP. Be sure to mention that Windows NT systems do not support dynamic disks, so these systems must be upgraded first to Windows 2000 Professional and then to Windows XP. Alternatively, you can back up the disks and then restore them after the upgrade.
If time permits, use Disk Management to create partitions or volumes, convert a basic disk to dynamic, or create a spanned or striped volume.
By connecting the Computer Management console to a remote system, either Windows XP or Windows Server, you can manage storage on the remote system. This slide shows Computer Management being directed to manage a remote system. Mention that in this way, Disk Management can actually manage fault-tolerant volumes on a remote Windows Server, even when it cannot create them locally. For remote management to work, the person attempting to connect remotely must be in the local Administrators group, Domain Admins group, or Server Operators group (if in a domain environment). Workgroup users can also remotely manage storage, but they must have the same username and password on the remote system that they used for the local system. The account also must have administrative privileges on the remote system.
Removable storage management is one of the great undocumented areas of Windows XP and Windows Server 2003. Removable storage separates device control from the application and allows you to provide a common media interface for programs, for reading or writing information to tape archives, CD-ROMs, and other media. You can use the Removable Storage Manager (RSM), part of the Computer Management console, to manage removable media. If time permits, demonstrate the RSM by injecting and ejecting media and viewing the media work queues.
The four default media pool types are listed on this slide. Discuss each briefly, giving an example of when it can be used.
Free: This pool contains all media detected by the system but not allocated to any application.
Import: This pool contains media that are recognized but known to contain data from another application. It is placed here to protect the media until they can be managed.
Unrecognized: This pool contains media that the system does not recognize—typically media of a type not known to the system, but sometimes corrupted media of a known type.
Application-specific: Applications such as Backup create media pools to manage their own media.
Windows XP provides two methods of compressing files on disk. Compressed folders create a .zip archive of the folder, and NTFS compression compresses the folder and files in place. If time permits, show students how to enable alternative colors for compressed folders.
Compressed folders are simply archives that use the Zip compression algorithms. Those who choose to view file extensions will note the .zip file extension on the compressed folder. The advantages of compressed folders include the ability to be stored on FAT or FAT32 partitions, to be transmitted via e-mail, and to be stored on removable media.
NTFS compression requires an NTFS partition. NTFS compression is managed via the compression attribute on files, folders, and drives. If time permits, show students how to enable alternative colors for compressed folders.
It is important for students to understand the underlying operation of the file system during a move or copy operation. Moving a file within an NTFS volume simply changes a pointer to its physical location in the Master File Table. Compression can be held as an attribute under these circumstances. When a file is copied, either within a volume or to another volume, it must exist in two places at once. That means the second version, the copy, must be created in the target folder. Because NTFS files must inherit the attributes of the folder they are created in, they inherit the compression attributes of the target folder. This also holds true when a file is moved to another volume. Each volume has its own address space, and a file cannot simply change its address to another volume that is not aware of its existence. It must be created in that other volume and thus be bound to the attributes of the target folder.
Each file is stored on disk along with the file encryption keys used to encrypt it (the same keys the Encrypting File System (EFS) uses to decrypt the file). These keys have themselves been encrypted with the user’s public key and with the recovery agent’s public key, so either party can decrypt the file. The user key–encrypted version of the file encryption keys is stored in the Data Decryption Field (DDF), and the agent key–encrypted version of the file encryption key is stored in the Data Recovery Field (DRF). During decryption, the user’s key decrypts the file encryption key, which is then used to decrypt the file. If the user’s key is unavailable, the recovery agent’s key can be used to decrypt the file encryption key in the DRF, and the file encryption key can then be used to decrypt the file.
You can encrypt files and folders by selecting the Encrypt Contents To Secure Data attribute in the Advanced Attributes section of the object’s Properties dialog box or by using the Cipher.exe command with the /E switch.
File contents are decrypted whenever a user with a valid decryption key opens them, but you can decrypt an entire file permanently by clearing the Encrypt Contents To Secure Data attribute in the Advanced Attributes section in the object’s Properties dialog box or by using the Cipher.exe command with the /D switch.
Just when students are getting the hang of how things move around NTFS, we throw the EFS at them! Be sure to emphasize that the EFS is complementary to NTFS. For security reasons, an encrypted file remains encrypted until you manually decrypt it by changing its encryption attribute—with the exception that when you copy or move the file to a non-NTFS disk partition, the security of the encrypted contents is maintained because any access to a file (whether to modify it, move it, or copy it) requires a decryption key. The only users who should have a key to decrypt the file encryption keys are the file’s original creator and the recovery agent. Any other user attempting to move an encrypted file to another file system will not be allowed to do so. Backups can still back up encrypted files using a special case designed into the EFS. Backup programs can back up an encrypted file raw, preserving the encryption even on the backup media.
The user who encrypted a file can share it with designated users through the Details dialog box under Advanced Attributes, which is reached from the file’s Properties dialog box (right-click the file and select Properties). Sharing a file in this way creates a new DDF for the new user, encrypted with her key.
This slide shows the location of the Details dialog box for sharing encrypted files.
When a file is encrypted, the recovery agent’s key is used to encrypt the file encryption key that is placed in the Data Recovery Field (DRF). If a new recovery agent is designated, all encrypted files should be decrypted and re-encrypted so the new agent’s key is used to protect the DRF. A recovery agent’s certificate should be exported to physical media and stored in a protected location. When a new recovery agent is designated, the original recovery agent’s certificate must be kept until no files exist that use the original recovery agent’s key. Failure to preserve the recovery agent’s key will result in the inability to recover the file.
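The DDF/DRF arrangement, file sharing, and the recovery-agent change described in the notes above can be modelled in a few functions. This Python model is an added example, not part of the original course notes and not EFS's real algorithms or on-disk format. As assumptions for illustration, it uses toy textbook RSA and a SHA-256 XOR keystream in place of the real ciphers, keys DDF/DRF entries by a name, and uses constructed keys.

```python
import hashlib, secrets

def keypair(p, q, e=65537):
    """Toy textbook RSA (no padding) from two primes: returns (public, private)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def xor_stream(fek, data):
    """Toy stand-in for the symmetric file cipher: XOR with a SHA-256 keystream."""
    stream = b"".join(hashlib.sha256(fek + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(fek, pub):                      # encrypt the FEK to one public key
    return pow(int.from_bytes(fek, "big"), pub[1], pub[0])
def unwrap(blob, priv):                  # recover the 16-byte FEK
    return pow(blob, priv[1], priv[0]).to_bytes(16, "big")

def encrypt_file(plaintext, users, agents):
    """users/agents map a name to a public key; returns the modelled file record."""
    fek = secrets.token_bytes(16)        # one random file encryption key per file
    return {"data": xor_stream(fek, plaintext),
            "DDF": {who: wrap(fek, pub) for who, pub in users.items()},
            "DRF": {who: wrap(fek, pub) for who, pub in agents.items()}}

def decrypt_file(record, who, priv):
    blob = record["DDF"].get(who, record["DRF"].get(who))
    if blob is None:
        raise PermissionError(f"{who} has no DDF or DRF entry")
    return xor_stream(unwrap(blob, priv), record["data"])

def share(record, owner, owner_priv, new_user, new_pub):
    """Sharing: the owner unwraps the FEK and adds a DDF entry for new_user."""
    record["DDF"][new_user] = wrap(unwrap(record["DDF"][owner], owner_priv), new_pub)

# Constructed keys from known Mersenne primes; unsuitable for real use.
ALICE, BOB = keypair(2**89 - 1, 2**107 - 1), keypair(2**61 - 1, 2**127 - 1)
AGENT1, AGENT2 = keypair(2**521 - 1, 2**607 - 1), keypair(2**1279 - 1, 2**2203 - 1)

def demo():
    rec = encrypt_file(b"constructed sample", {"alice": ALICE[0]}, {"agent1": AGENT1[0]})
    share(rec, "alice", ALICE[1], "bob", BOB[0])
    readers = {w: decrypt_file(rec, w, k[1]) for w, k in
               (("alice", ALICE), ("bob", BOB), ("agent1", AGENT1))}
    try:                                 # agent2 was designated after encryption
        decrypt_file(rec, "agent2", AGENT2[1])
    except PermissionError as err:
        readers["agent2"] = str(err)
    return readers
```

In the model, a file encrypted while agent1 was the recovery agent carries no DRF entry for agent2. That is why the notes call for re-encrypting files after a new agent is designated and for keeping the original agent's certificate until no such files remain.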
Disk quotas are more often seen in server environments. Your students might see them in workgroup environments, but only infrequently. Emphasize the per-user/per-volume nature of the limits. Storing files in community folders counts toward the quota, so users who maintain a large number of public files might need an individual quota setting.
Disk Defragmenter is an underutilized tool for optimizing your system. During the days of Windows NT, the operating system did not have a defragmentation tool. But vendors such as Raxco and Executive Software proved that their utilities could produce significant gains in system performance. Microsoft now recommends defragmentation to improve disk performance, and it includes the Disk Defragmenter utility for that purpose. Point out that Disk Defragmenter can be used only by members of the local Administrators group to analyze and defragment disks.
Chkdsk is used to check the health and consistency of files, folders, and free space on a disk. It recovers data from bad disk sectors and repairs indexes. When discussing the options available with command-line Chkdsk, display the syntax on your screen (Chkdsk /?). This makes it easier to discuss applicable options.
Disk Cleanup can find and free disk space that is being used by temporary files, setup files, old applications, even the Recycle Bin. Disk Cleanup is run from All Programs | Applications | System Tools.
Summarize the chapter, reiterating the warning about losing EFS recovery certificates. If time permits and students are interested, you might demonstrate EFS recovery certificate creation, export, and deletion.