Title: Chapter 9: Managing Server Folders, Permissions, and Software Installation
1Chapter 9 Managing Server Folders, Permissions,
and Software Installation
2Learning Objectives
- Manage folders on a server, including
- Planning a folder structure
- Viewing and creating folders
- Setting folder properties such as attributes,
permissions, auditing, and ownership - Setting up shared folders
- Moving and copying files and folders
- Install and manage application software
continued
3Learning Objectives
- Use the Registry to configure Windows NT Server
and application software, and use Windows NT
Diagnostics to view Registry contents - Set system policies using the System Policy
Editor - Configure and use License Manager
- Configure and use Directory Replicator
4Managing Folders
- Designing a folder structure
- Viewing and creating folders
- Setting folder properties
- Setting up a shared folder
- Troubleshooting a security conflict
- Moving and copying files and folders
5Designing a Folder Structure
- A chaotic file structure makes it difficult to
run or remove programs - Avoid confusion by having a place for
- Software applications
- Confidential files shared by certain groups
- Public files shared by everyone
- Software utilities for all users
- Server management utilities
6Folder Structure Design Considerations
- Root folder should not be cluttered with files or
too many folders - Each software application should have its own
folder or subfolder - Similar information should be grouped
- Folders should have names that clearly reflect
their purpose
7A Sample Folder Structure
Folders off the Root
Manage
Users
Data
Word
Ntserver
Winnt (created by NT Server setup)
Forms
Msoffice
Access
Excel
Queries
Winword
Templates
Clipart
Office
Contracts
Court
Tax
RealEstate
Wills
Bankruptcy
8Viewing and Creating Folders
- Viewing
- Use My Computer or Windows NT Explorer
- Display can be customized
- or, the good ol command-line interface
- dir command, or similar add-ons
- Creating
- Use My Computer or Windows NT Explorer
- or, CLI
9Setting Folder Properties
- General properties
- Folder and permission security
- Permissions
- Auditing
- Ownership
10General Properties
- Descriptive information
- Location
- Size
- Number of files/folders
- Folder name and creation date
- Folder attributes
11Attributes
- A characteristic associated with a folder or
file, used to help mange access and backups - Largely ignored by NT administrators (except for
backup purposes) in favor of rights and
permissions
12Windows NT Attributes
13Folder and Permission Security
- Three security options
- Permissions Control access to the folder and
its contents - Auditing Enables administrator to audit
activities on a folder or file - Ownership Designates the folder owner who has
full control of that folder
14NTFS Folder and File Permissions
15Directory Permissions Dialog Box
Note would usually have 1 group/username under
Name.
16Microsoft Guidelines for Setting Permissions
- Protect the Winnt folder that contains operating
system files from general users (No Access or
Read) but give Administrators Full Control access - Protect server utility folders with access
permissions only for Administrators, and Server
and Backup Operators
continued
17Microsoft Guidelines for Setting Permissions
- Protect software application folders with Add
Read - Create publicly used folders with Change access
- Provide users Full Control of their own home
directories - Remove the group Everyone from confidential
folders
18Special Folder and Special File Access Options
- Enable customization of folders or file access
beyond standard permissions - different combinations of the aforementioned
abilities - R, W, X, D, C, take owner
- useful for special situations, if need be
19Auditing
- Tracks access to folders and files
- Directory Auditing dialog box enables auditing of
a variety of successful and failed events - track success/fail, whichever is more important
for that particular case - remember, auditing can be expensive -- that is,
can dramatically affect server performance
20Ownership
- Folder owners have Full Control permissions for
the folders they create
Taking ownership of a folder
21Setting Up a Shared Folder
- Share permissions
- No Access
- Read
- Change
- Full Control
- Can be overridden
- NT uses most restrictive permission, whichever is
stricter
22Setting Up a Shared Folder
- Sharing can be limited by users
- software licensing
- also provides some extra security
- Shares can be hidden
- put character at end of share name
- both for security through obscurity as well as
ease-of-use
23Troubleshooting a Security Conflict
- Review folder permissions and share permissions
for the account and for the groups to which the
account user belongs - Careful planning of folder structure and user
groups in light of server security needs saves
time and user aggravation
24Moving and Copying Files and Folders
- Creating, moving, or copying a file can affect
the file and folder permissions - Moving File is deleted from the original
location placed in a different folder - Copying Original file remains intact and a copy
is made in another folder - New file permissions depend on
- copy/create - inherit from folder
- move - retain existing
- unless move to different volume - like copy
25Installing and Managing Application Software
- Software licensing
- Network compatibility
- Network performance
- Location of temporary files
- Software testing
- Loading software from the network
- Restrictions for MS-DOS-based software
26Software Licensing
- Read and follow licensing agreement before
loading software - Copy protect the software
- user education important
- License monitoring A process used to ensure
that the number of software licenses in use does
not exceed the number for which the network is
authorized
27Network Compatibility
- Check all applications to be certain they are
network-compatible, i.e., designed for multiuser
access, often with network capabilities such as
options to send files through e-mail - with popularity of the Internet, new applications
generally are network-friendly - but remember, Internet features can be a security
hole
28Network Performance
- Closely monitor network activity and traffic
associated with software applications - some applications have BIG effect on network
traffic - remember, software is one consideration when
choosing topology
29Location of Temporary Files
- Determine what extra files are needed to run an
application and where to store them - Teach software users how to deploy temporary and
backup files created by software, and how to
delete them when no longer needed - utilities exist to clean up files automatically
30Software Testing
- Test each software installation before releasing
it to users - An important way to determine that the software
is working, is network compatible, and that the
permissions are correctly set
31Loading Software from the Network
- One option Install software application files
from network onto each client workstation - Another option Install client software so that
application files are loaded from server - Advantage Save workstation disk space
- Advantage Ease of management
- Disadvantage Extra network traffic
32Installing Software Using Add/Remove Programs
- Software configuration is stored in Windows NT
Registry configuration is easier and
configuration information can be updated to an
ERD - Registry tracks location of all files associated
with software easier to remove all program pieces
33Running Software Applications in User Mode
- User mode
- Used for running programs in a memory area kept
separate from that used by the kernel - The program cannot directly access the kernel or
operating system services except through an API - Kernel mode
- Privileged environment in which Windows NT
operating system kernel runs - Consists of protected memory area and privileges
to directly execute system services, access CPU,
run I/O operations, etc.
34Using the Registry to Configure System Setup and
Software
- Registry Database that contains information the
operating system needs about the entire server
(configuration, program setup, devices, drivers,
etc.) - Two editors to view Registry contents
- Regedit
- Regedt32
35The Five Root Keys
- Root key (or subtree) Highest category of data
contained in the Registry - The five root keys
- HKEY_LOCAL_MACHINE
- HKEY_CURRENT_USER
- HKEY_USERS
- HKEY_CLASSES_ROOT
- HKEY_CURRENT_CONFIG
36The Five Root Keys
37Backing Up the Registry
- The Registry is vitally important to Windows NT
Server - Plan to back it up regularly when you back up
other files - ERD - via RDISK
- separately - via REGBACK
- 3rd-party backup software often has specific
options for registry
38Setting System Policies
- Override registry settings in Windows NT Server
- Used to set up special conditions for individual
users - security
- ease-of-use
- Used to set up restrictions for all users
- security
- ease-of-use
39System Policies to Govern All Users
- Control Panel display options
- Desktop wallpaper and color schemes
- Operating system shell restrictions
- hiding drives, Net Neighborhood, etc.
- System restrictions
- run only certain programs, etc.
- Windows NT Shell options
- Windows NT System options
40System Policiesto Govern Individual Users
- Remote access settings
- Creation of hidden drive shares
- Network printer scheduling and error control
options - Customized shared folder setup
- Logon security and logon banner controls
- File-naming options
- User profile network time-out periods for slow
network connections
41Setting Up and Using License Manager
- License right to use software
- license terms differ by vendor
- select the best option based on needs price
- Per seat licensing Requires that there be
enough licensees for all network client
workstations - Per server licensing Based on maximum number of
clients that use an application at one time
42Setting Up and Using Directory Replicator
- Directory replication services enable designated
directories on one server to be copied to another
server(s) or workstation(s) on the network - Export server Server with the original
directories - Import server Computer that receives the
directories and files
43Directory Replication Uses
- To copy an update database on a member server in
a client/server system to a reporting database on
a different member server - To create a backup copy of account-related
information
44Setting Up Export and Import Parameters
45Chapter Summary
- Plan folder structure in advance.
- Create distinct folders for user directories,
software applications, server utilities, etc. - Set up folder properties
- Set up permissions according to purpose of folder
continued
46Chapter Summary
- Before installing application software in a
folder, make sure the software is
network-compatible. - Use Add/Remove Programs tool to install software
so that installation is coordinated with the
Windows NT Registry.
continued
47Chapter Summary
- System policies offer another way to change
Registry settings and to customize how users
access Windows NT Server. - License Manager records and monitors the number
of licenses. - Directory Replicator copies folders from a server
to other network computers.
48(No Transcript)