Effectively manage storage space for Windows 2003

In the day-to-day work of the network administrator, file server is the object we often deal with, maybe we all have such a problem, some colleagues always will own personal files, such as MP3 songs, download software, movies and so on casually put on the server, wasted a lot of space on the server, And some of the work of some colleagues of the important documents but because of lack of space can not be placed on the server. Is there a way to effectively manage disk space? The first thing we have to do is install and configure the file server on Windows 2003, on the basis of which file services and resource sharing, through the control of access to resources to ensure access to data on the file server security, set disk quotas to effectively manage our limited disk space.

Installing and configuring a file server on Windows 2003

The file service is not the default installation component for Windows Server 2003, so you need to manually add the installation of the service. During the installation of the file server, the quotas for the disk are set up and a shared folder is added, and the permissions for the shared folder are simply set. Due to the limited space, the specific steps to install a file server are not much to say here.

Because of security considerations, all folders in the server are not shared in the default state. When you create a file server, you create only one shared folder, so if you want to grant users access to a resource, you must first set the folder to be shared. Then give the user permission to grant the appropriate access. If you create different groups of users and add users with the same access rights to the same user group, the assignment of user rights becomes simple and quick. There are four ways we can set up resource sharing in Win2003: Setting up resource sharing in a file server, setting up folder sharing in Explorer, setting up folder sharing in the console tree, and setting up Windows Server 2003 Web share.

Ii. Access and permissions control of network resources on Windows 2003 file servers
For WINDOWS2000/XP users, you do not need to log on to a Windows Server 2003 file server at all, and you can access the resources you need simply by typing your username and password when you access the shared resource. Users of Windows 98/me must log on to the file server to achieve access to shared resources. We can access through My Network Places, find computers, network drive mappings, and web-shared files. The situation is more complex for windows98/me Client access to win2003 file servers; If Windows 98/me users are not logged on to the domain, access to the shared resource will not be achieved. The system will display the Type password prompt box. Therefore, to enable windows98/me to access shared folders in Windows Server 2003, you must be logged on to the server. When the windows98/me computer starts, the logon dialog box appears, where you type the username and password, and then click OK to log in to the specified Windows Server 2003 domain.

Windows 2003 servers should use the NTFS file system to enable secure access to resources. With NTFS permissions, you can control user accounts and groups ' access to folders and files. Of course, NTFS permissions apply only to NTFS disk partitions and not to FAT or FAT32 file systems. Windows 2003 provides NTFS permissions only for disk partitions formatted with NTFS. To protect files and folders on NTFS disk partitions, you need to grant NTFS permissions for each user account that accesses the resource. Users must have a clear authorization to access resources. User account you cannot access the appropriate file or folder if the group has not been granted the appropriate permissions.

For each file and folder on an NTFS disk partition, NTFS stores a remote access Control list (ACL). ACLs contain all user accounts, groups, and computers that are authorized to access the file or folder, as well as the types of access they are granted. In order for a user to access a file or folder, a corresponding element must be included in the ACL for the appropriate user account, group, or computer to which the user belongs, which is called an access control element (ACE). In order for a user to have access to a file or folder, the access control element must have the type of access requested by the user. If the ACL does not exist for the corresponding ace, Windows 2003 denies the user access to the appropriate resource.