Professional Windows Server 1002003 Security A Technical Reference [Electronic resources] (text version)


Roberta Bragg

Disks: Concepts

Like previous versions of Microsoft Windows, WS2003 supports older,
fixed-disk technologies, but it also supports some new technologies
that increase performance and make disk management easier.

Types of Disk Storage


WS2003 supports two types of fixed-disk storage:

Basic storage



This storage technology is the same
as that of legacy versions of Microsoft Windows, including NT 4.0 and
3.51, Windows 98, and Windows 95. Basic storage divides disks into a
limited number of partitions and logical drives and supports advanced
features such as volume sets, stripe sets, stripe sets with parity,
and mirror sets.


Dynamic storage



This technology, available in WS2003 and W2K Server, divides disks
into an unlimited number of volumes. Dynamic storage supports
advanced features such as spanned volumes, striped volumes, RAID-5
volumes, and mirrored volumes.



In addition, WS2003 supports certain types of removable storage.

Basic Disks


When WS2003 is installed
on a system, its disks are first
configured to use basic storage. A disk that uses basic storage is
called a basic disk. Basic disks are similar to disks in NT 4.0 and
can consist of either:

  • Up to three primary partitions plus one extended partition. The
    extended partition can have up to 24 logical drives, and each primary
    partition and logical drive is identified by a unique drive letter
    from C to Z.

  • Up to four primary partitions and no extended partition or logical
    drives. Each partition is again identified by a unique drive letter.


Basic disks in WS2003 can be formatted using any of the following
filesystems: FAT, FAT32, and NTFS. This is different from NT 4.0
Server, which supported only FAT and NTFS. The only real advantage of
using basic storage is that you can dual-boot between WS2003 and
legacy operating systems such as NT 4.0 Server or Windows 98,
something you are unlikely to do on real production servers,
however. The disadvantages of basic disks are:

  • There is a limit of 4 primary partitions and 24 logical drives that
    you can create.

  • Configuration information concerning the disk is stored in the
    registry rather than on the disk itself. If the registry becomes
    corrupted, the data on the disk becomes unusable.

  • Basic disks in WS2003 can't be used to create the
    mirror sets, volume sets, stripe sets, and stripe sets with parity
    that you can create in NT. In order to use these advanced disk
    storage features, you must use dynamic storage instead of basic.


You can have mirror sets, volume sets, stripe sets, and stripe sets
with parity on WS2003 systems using basic storage, but only if you
upgraded the system from an earlier NT Server system that already had
these storage technologies in place.

Dynamic Disks


WS2003 also supports a more
advanced form of disk storage called
dynamic storage. A disk that uses dynamic storage is called a dynamic
disk. While basic disks contain partitions, dynamic disks contain
volumes, and these volumes can be identified by either:

  • Associating a volume with a drive letter. However, this can be used
    only to identify up to 24 different volumes (or 25 if you have no
    B: floppy drive in your system).

  • Mounting a drive, which associates a volume with a folder on an
    existing volume. This method overcomes the drive-letter limitation
    and also enables friendly names like My Volume to be used to
    identify volumes.


The advantages of dynamic disks are:

  • There is no limit to the number of volumes you can create on a
    dynamic disk (other than hardware limitations).

  • Configuration information concerning the disk is stored on the disk
    instead of in the registry and is replicated to all other dynamic
    disks in the system for fault tolerance.

  • You can extend a simple volume on a dynamic disk by adding
    unallocated space to it from the same disk (you
    can't extend partitions on basic disks).

  • Dynamic disks support advanced disk technologies such as spanned,
    mirrored, striped, and RAID-5 volumes.


The disadvantage of dynamic disks is that you can't
dual-boot between WS2003 and a legacy Windows operating system. Also,
once you convert a disk to dynamic storage, you
can't convert it back to basic without losing your
data (unless you backed it up).

Advanced Disk Technologies


A volume is an area of storage on a dynamic disk, and a simple volume
is a volume that occupies contiguous space on a single physical disk.
Simple volumes are to dynamic storage what primary partitions and
logical drives are to basic storage. Simple volumes can be extended
with unallocated space from the same drive as long as they are
formatted with NTFS. When extending a volume, WS2003 uses the
smallest area of contiguous unallocated space it can find on the
drive.

Other types of volumes supported by dynamic disks include:

Spanned volume



Created from two or more areas of contiguous free space on the
same or on different physical disks that are combined into a single,
larger, logical storage area. Spanned volumes can be extended without
losing existing data by adding further areas of contiguous free
space, up to a maximum of 32 areas and up to 32 different disks.
However, once extended, they can't be reduced in
size. Data is written to the first area of the volume until it
becomes full, whereupon further data is written to the next area.
Spanned volumes aren't fault-tolerant, and if one
disk fails, the entire spanned volume is unrecoverable.


Striped volume (RAID-0)



Created from two or more areas of contiguous free space on
different physical disks that are combined into a single, larger,
logical storage area. Like spanned volumes, striped volumes can
consist of between 2 and 32 areas of contiguous free space. Unlike
spanned volumes, however, each area of a striped volume must be on a
different physical disk, all areas must be the same size, and data is
written in an interleaved fashion across all areas instead of
sequentially area by area. This generally provides better read
performance than a spanned volume. Like spanned volumes, striped
volumes are also not fault-tolerant.


Mirrored volume (RAID-1)



A fault-tolerant technology that consists of two separate simple
volumes that are configured to be identical copies of each other and
are located on different physical disks. When data is updated on one
disk, it is automatically updated on the other as well, and the pair
of volumes is identified to the system by a single drive letter or
mount point. If one disk in a mirrored volume fails, you still have
the complete data on the other disk.


RAID-5 volume



Created from three or more areas of contiguous free disk space on
different physical disks that are combined into a single, larger,
logical storage area. RAID-5 volumes are similar to striped volumes,
except that error-correcting parity information is distributed across
the set. The result is a popular fault-tolerant disk storage
technology called RAID-5, which maintains data integrity in the event
of failure of a single physical disk belonging to the set. RAID-5
volumes can use between 3 and 32 different disks.
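
The single-disk fault tolerance described for RAID-5 volumes comes from XOR parity: the parity block of each stripe is the XOR of its data blocks, so any one missing block equals the XOR of the survivors. The following is an added example, not code from the book and not the Windows on-disk layout; the block size, the parity rotation order, and the sample payload are assumptions chosen for illustration.

```python
from functools import reduce

def xor_blocks(blocks):
    """XOR equal-length byte blocks together, column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))

def parity_index(stripe, n_disks):
    # Assumed rotation: parity moves one disk to the left on each stripe.
    return (n_disks - 1 - stripe) % n_disks

def raid5_write(data, n_disks, block=4):
    """Stripe data over n_disks with one rotating parity block per stripe."""
    if not 3 <= n_disks <= 32:
        raise ValueError("a RAID-5 volume uses between 3 and 32 disks")
    width = block * (n_disks - 1)                 # data bytes per stripe
    data = data.ljust(-(-len(data) // width) * width, b"\0")
    disks = [[] for _ in range(n_disks)]
    for s in range(len(data) // width):
        chunk = data[s * width:(s + 1) * width]
        blocks = [chunk[i:i + block] for i in range(0, width, block)]
        blocks.insert(parity_index(s, n_disks), xor_blocks(blocks))
        for disk, blk in zip(disks, blocks):
            disk.append(blk)
    return disks

def raid5_read(disks, failed=()):
    """Return the stored bytes, rebuilding one failed disk from the others."""
    if len(failed) > 1:
        raise IOError("two or more disks lost: parity cannot rebuild the data")
    n = len(disks)
    stripes = next(len(d) for i, d in enumerate(disks) if i not in failed)
    out = []
    for s in range(stripes):
        row = [None if i in failed else disks[i][s] for i in range(n)]
        for lost in failed:                       # XOR of survivors = lost block
            row[lost] = xor_blocks([b for b in row if b is not None])
        p = parity_index(s, n)
        out.extend(blk for i, blk in enumerate(row) if i != p)
    return b"".join(out)

if __name__ == "__main__":
    payload = b"quota-db and user home folders!!"   # constructed sample, 32 bytes
    disks = raid5_write(payload, n_disks=3)
    disks[1] = None                                 # simulate a dead physical disk
    print(raid5_read(disks, failed=(1,)) == payload)
```

A striped (RAID-0) volume is the same layout without the parity block, which is why it has nothing to rebuild from when a disk fails.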



The advanced disk technologies supported by Windows 2003 are similar
to those supported by NT 4.0 Server but are named differently, as
shown in Table 4-8.

Table 4-8. Disk terminology in WS2003 and NT Server

NT                       WS2003
Basic storage            Basic storage        Dynamic storage
-----------------------  -------------------  ----------------
Partition                Partition            Simple volume
Primary partition        Primary partition    Simple volume
Extended partition       Extended partition   N.A.
Logical drive            Logical drive        Simple volume
Mirror set               N.A.                 Mirrored volume
Volume set               N.A.                 Spanned volume
Stripe set               N.A.                 Striped volume
Stripe set with parity   N.A.                 RAID-5 volume

If you want to extend volumes or create striped, spanned, or
fault-tolerant volumes, you first have to convert your disks from
basic to dynamic storage. You can convert your disks without
rebooting the system, unless the disk contains your system or
boot partition or the active paging file.

To convert them to dynamic disks, basic disks must have a minimum of
1 MB of free space. This free space is used to store the database
containing the configuration information concerning all the dynamic
disks in the system. When you partition a basic disk, make sure you
leave at least 1 MB of free (unallocated) space on the disk in case
you later want to convert it to dynamic storage.


The conversion of a disk from basic to dynamic storage should take
place with no loss of data on the disk, but, to be safe, you should
always back up a basic disk before converting it to dynamic.

Disk Quotas


Disk quotas manage the amount of disk space that users can utilize.
Quotas are available only on
NTFS partitions or volumes. Disk quotas can be configured several
ways:

  • Quota limits can be either enforced or not. If enforced, users who
    exceed their limits are denied access.

  • Warnings can be issued when a user is nearing the configured quota
    limit.

  • An entry can be logged in the event log when a warning is issued,
    when a limit is exceeded, or both.


Disk quota limits are based on file ownership and not on where the
files are located on a quota-enabled NTFS volume; that is, they are
established on a per-user basis. For example, if a user moves a file
from one folder to another on the volume, she still shows the same
amount of disk space used in My Computer or Windows Explorer. If a
user takes ownership of a file on an NTFS volume, the file is charged
against the user's quota.

In addition, disk quotas apply only to specific volumes and not to
folders within volumes, that is, on a per-volume basis. If a
physical disk has several volumes or partitions (or if you have
multiple physical disks), each partition or volume may have quotas
either enabled or disabled, and those on which quotas are enabled may
have different quota limits set (unless it's a
spanned volume).

Quota Limits


Disk quota limits can be one of two types:

Soft quotas



When the user exceeds
the limit, an event may be logged to the event log, but the user is
not prevented from exceeding the quota.


Hard quotas



When the user exceeds the limit, an event may be logged to the event
log, and the user is prevented from using any additional space on the
disk.



Once enabled on a volume, disk quota limits are tracked for all users
who store files on that volume. However, different quota limits can
be set for specific users to override the global settings for all
users. Once quota limits have been established on a volume, users are
monitored for any action that increases the amount of disk space
used. These actions include:

  • Copying or moving files to the disk

  • Creating (saving) new files on the disk

  • Taking ownership of existing files on the disk that belong to other
    users


User applications may respond differently when users try to create or
save files on volumes on which a hard quota limit has been exceeded.
In general, applications act as if the volume is full.

Implementing Disk Quotas


  1. Begin by establishing realistic estimates of how much disk
    space users require on average and how these needs are likely to grow
    in the immediate future. To do this, you may want to classify users
    into three different categories, such as heavy users, moderate users,
    and light users.

  2. Next, create partitions, volumes, and logical drives in such a way as
    to facilitate assigning space to different types of users. Allocate
    some volumes for heavy users, some for moderate, and some for light.
    Create home folders or data folders on these drives for each user or
    group of users, and assign NTFS permissions accordingly to restrict
    access. Make sure you leave unallocated space on the drives in case
    you need to increase the quota limits. Consider using dynamic storage
    so that you can extend simple volumes and create spanned volumes when
    simple volumes become full.

  3. Assign disk quotas to each volume, partition, or logical drive
    according to the type of user storing data there. Use soft limits
    initially in case your estimates of user needs are too small.

  4. Now share the folders for access over the network. Closely monitor
    disk quota entries over a period of time to see if realistic limits
    have been set.

  5. Once you have determined that your quota limits are appropriate, make
    them hard quotas to prevent careless users from overutilizing disk
    space.

  6. Monitor quotas periodically to determine whether they should be
    increased for all users. Check whether specific users might require
    individual quotas for special projects and so on.

  7. If a user no longer needs to store data on a volume, remove the files
    (or take ownership of them) and then delete the
    user's quota entry to free up space on the volume.



Make sure you enable quotas on a disk before any users have stored
files on it. If a user has already stored a file and you then enable
quotas and set quota limits, the user's quota limit
is No Limit and you will have to change the quota entry manually for
this user. Only new users who later store files on the disk are
assigned the quota limits you expect them to have.
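
The accounting rules in this section (charges follow file ownership, soft limits only log, hard limits deny, and users who already own files when quotas are enabled end up with No Limit) can be exercised in a small model. This is an added example, not code from the book and not a Windows API; the class, its method names, and the log text are hypothetical and exist only to illustrate the rules as this page states them.

```python
NO_LIMIT = None   # an entry shown as "No Limit"

class QuotaVolume:
    """Simplified model of per-user quota accounting on one NTFS volume."""

    def __init__(self):
        self.files = {}      # path -> (owner, size in bytes)
        self.limits = {}     # owner -> limit in bytes, or NO_LIMIT
        self.enabled = self.hard = False
        self.default = NO_LIMIT
        self.log = []        # stand-in for event-log entries

    def enable(self, default_limit, hard=False):
        self.enabled, self.default, self.hard = True, default_limit, hard
        for owner, _ in self.files.values():     # users who already own files
            self.limits.setdefault(owner, NO_LIMIT)

    def used(self, owner):
        return sum(size for o, size in self.files.values() if o == owner)

    def _allow(self, owner, extra):
        if not self.enabled:
            return True
        limit = self.limits.setdefault(owner, self.default)
        if limit is NO_LIMIT or self.used(owner) + extra <= limit:
            return True
        self.log.append(f"{owner} exceeded quota limit")
        return not self.hard                     # soft: log only; hard: deny

    def write(self, path, owner, size):
        if self._allow(owner, size):
            self.files[path] = (owner, size)
            return True
        return False                             # caller sees "volume full"

    def move(self, src, dst):                    # same volume: usage unchanged
        self.files[dst] = self.files.pop(src)

    def take_ownership(self, path, new_owner):
        size = self.files[path][1]
        if self._allow(new_owner, size):         # charged to the new owner
            self.files[path] = (new_owner, size)
            return True
        return False

    def unlimited_owners(self):
        """Entries still at No Limit: review these after enabling quotas."""
        return sorted(o for o, lim in self.limits.items() if lim is NO_LIMIT)
```

Calling `unlimited_owners()` right after `enable()` lists the entries that have to be changed by hand, which is the check the closing paragraph above calls for.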

