Exposing the File System
The strengths of NTFS are often taken for granted. But Windows 2000 exposes new features hidden in the humble file system.
By Michael Chacon
September 01, 2000
One of the main underpinnings of any operating system, and one that’s often taken for granted, is the lowly file system. Part of this attitude stems from the fact that in the case of Windows 2000, NTFS does its job well and is seldom a source of problems. It runs silently and reliably, consistently storing and delivering the essence of our information system—the data.
One of the most interesting aspects of NTFS is not what it provides today, but capabilities in its architecture that have yet to be harnessed. From the beginning, with NT 3.x, NTFS has been characterized by two salient features. One is that NTFS follows the NT object model. Every file is simply an object that can have an extensible set of attributes associated with it, instantiated in the Master File Table (MFT). For example, an NTFS directory is just a file with different attributes, one of them being a null for the data attribute.
The other interesting fact is that NTFS has relational database semantics built into the file system. Every change to the directory structure, such as a file or directory deletion, is first written to a transaction log until the operation is complete. If a problem occurs before the operation finishes, the file system rolls back to the last known good state. This means that possibilities still lie within NTFS through its architecture: this same transaction quality could be used beyond the directory structure and applied to the data itself.
But before we get too far, let’s look at where we’ve come from, NTFS 4, to what is newly exposed today in Windows 2000 with NTFS 5. First, understand that most of the benefits of NTFS 5 are under the covers. They’re attributes that have been added to the MFT, which developers can now take advantage of in developing new services.
First, be aware that these newly added attributes have created compatibility issues between various NTFS versions. Windows NT 4.0 with SP4 will recognize NTFS 5; however, you still won’t have full interoperability. This compatibility is designed to allow NT 4.0 to support a dual-boot system between NT 4.0 and Win2K. NT 3.x, however, won’t even recognize an NTFS 5 partition. NTFS features such as disk quotas and file encryption aren’t available from NT 4.0; rather, they’ll sometimes result in unpredictable error messages or reports that access is denied. Your best course of action is to avoid trying to get all of these versions of NTFS to coexist and simply upgrade wholly to Win2K. With that in mind, let’s explore some of the new features that are now available in NTFS 5 (or should we call it NTFS 2000?).

Setting Disk Space Quotas
As with most features in NTFS, Microsoft has added a basic tool or interface to advertise functionality and take advantage of the feature; this is done at least partly to entice third-party developers to build full-featured products. Often the component that’s lacking in the included basic tool is the ability to schedule and automate functions. But we can tour at least some of the new functions in NTFS with the included tools. For example, one of the newly supported attributes of NTFS is (finally) quota management. To see the basic disk quota tool in Windows 2000, right-click on an NTFS volume to bring up the screen shown in Figure 1.

Figure 1. Display the basic disk quota tool in Windows 2000 by right-clicking on an NTFS volume.
Disk space quotas are often at the top of administrators’ wish lists, which I think is somewhat misguided. They often tend to generate support calls when users reach size limits. However, disk space quotas are finally here with Win2K; you’ll have to decide for yourself if it was worth the wait. As you can see in Figure 1, you need to select the Enable quota management check box to turn on the attribute, which reveals the various other configuration options that will take effect when new users access the volume. From here, you can deny additional disk space to users who have exceeded your set limits. On the property page, you can set the actual disk space limit, along with a warning level, each of which can be configured to write an entry to the event log. This allows you to tally up the offenses and prepare reports to the Disk Police.
The full-featured quota managers allow you to manage all this from a central location; however, with the tool included with Win2K, each drive needs to be configured independently on a per-user and per-volume basis. The first screen also applies only to new users as they access files on the volume. You’ll handle existing users by clicking through to the Quota Entries screen, as shown in Figure 2.

Figure 2. Disk space quotas for existing users are set at the Quota Entries screen.
Figure 2 shows a list of those users under the watchful eyes of the quota service. If you want to add an existing user, pull down the Quota menu and choose New Quota Entry. From there, you can select the users you want to add to the service. Note that you don’t have access to groups. You can either select all of the users at once, or individually as shown in Figure 3.

Figure 3. To add an existing user, click on the Quota | New Quota Entry menu option. You can individually select users to add.
When you click Add, you display a box similar to the one we saw on the first property page. That screen allows you to select the desired quotas for the users you’ve indicated, as shown in Figure 4.

Figure 4. Here’s where you set the actual disk quotas for the user or set of users you’ve selected. Settings from the main property page will apply to these users as well.
The Log Event and Deny disk space to users exceeding quota limit settings from the main property page will apply to these users as well. Note Microsoft’s optimism regarding disk drive manufacturers. The quotas I’ve selected in Figure 4 set a warning at 1 terabyte and a limit of 2 exabytes; that’s 1,000 gigabytes and 2,000,000 terabytes, respectively. Buying stock in disk drive manufacturers might not be a bad idea.

Quota Caveats
A few caveats are in order. First, keep in mind that file ownership determines a quota’s application to an individual user. In many cases, files are created by other people; access is then given to various users. As the files grow in size, the quota will be tracked based on the original owner. That’s usually the person who created the file, not necessarily the person who is adding information to the file. (At least we now have a good reason to care about file ownership beyond security concerns.)
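To make the ownership rule concrete, here is an added illustration (not code from the article, and not how Windows implements quotas) that models how a per-volume quota is charged: the writer’s identity is irrelevant, the file’s owner pays, and the warning level and hard limit produce the event-log entries and the denial that the property page configures. All user names, file names and byte counts are constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass
class QuotaFile:
    name: str
    owner: str          # quota is charged to the owner, never to the writer
    size: int = 0

@dataclass
class QuotaVolume:
    """Model of one NTFS 5 volume with quota management enabled (constructed)."""
    warning: int        # warning level, in bytes
    limit: int          # hard limit, in bytes
    deny: bool = True   # "Deny disk space to users exceeding quota limit"
    files: dict = field(default_factory=dict)
    events: list = field(default_factory=list)   # stands in for the event log

    def used_by(self, user: str) -> int:
        """Bytes charged to `user`: the sum of the files that user owns."""
        return sum(f.size for f in self.files.values() if f.owner == user)

    def append(self, name: str, writer: str, nbytes: int) -> bool:
        """Grow file `name` by `nbytes` on behalf of `writer`.
        Returns True if the write is allowed. `writer` is accepted only to
        show that it plays no part in the accounting."""
        f = self.files[name]
        projected = self.used_by(f.owner) + nbytes
        if projected > self.limit:
            self.events.append(("limit", f.owner, projected))
            if self.deny:
                return False    # the write fails with a "disk full" style error
        elif projected > self.warning:
            self.events.append(("warning", f.owner, projected))
        f.size += nbytes
        return True

def demo() -> QuotaVolume:
    """alice creates a file, bob keeps adding to it; alice's quota is consumed."""
    vol = QuotaVolume(warning=1_000, limit=2_000)
    vol.files["report.doc"] = QuotaFile("report.doc", owner="alice")
    vol.append("report.doc", writer="bob", nbytes=1_200)   # crosses alice's warning level
    vol.append("report.doc", writer="bob", nbytes=1_200)   # would cross alice's limit: denied
    return vol

if __name__ == "__main__":
    v = demo()
    print("alice:", v.used_by("alice"), "bob:", v.used_by("bob"), "events:", v.events)
```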
The quota attribute of NTFS 5 is straightforward and has been around for a while, actually, but has finally been exposed with Win2K. I believe the real issues with quota management won’t be technical, but rather will involve dealing with support calls from users who hold you accountable because they can’t get that last-minute project done that the CEO is impatiently waiting for. In addition, the error messages can be confusing to many users. For those reasons, you may want to think about implementing another disk space utilization service available with Win2K NTFS—Remote Storage Service (RSS).

Remote Storage Service
RSS is Microsoft’s term for Hierarchical Storage Management (HSM), the ability to support multiple classes of storage systems, each with a lower cost and usually slower access time. This concept has been available in the mainframe world for a long time; including it in Win2K is part of Microsoft’s push toward the enterprise information system space.
Defining a storage management policy and choosing the hardware to implement it is a daunting task and beyond this column. But essentially, RSS gives you the ability to create several classes of storage. For example, you might choose among on-line, near on-line, and off-line storage. These choices could be expressed, respectively, with a regular hard drive, automatically mounted tapes, or operator-mounted tapes. These storage types could be associated with data that has, for example, not been accessed for six months, one year, and over one year. As the last access date of a particular file recedes into the past, the file is automatically moved according to your policy to the appropriate storage device. This is an area in which you should seriously evaluate the storage and software alternatives available to you in order to take full advantage of RSS.

Encrypted File System
If you handle sensitive information, you might consider deploying another, more straightforward NTFS attribute—the Encrypted File System (EFS). Although NTFS supports ACLs and granular security expressions, this doesn’t necessarily protect disk drives that aren’t physically secure. If your notebook computer is stolen at an airport or a top-secret government facility, a regular NTFS volume can simply be removed from one machine and placed into another, where the ACLs will no longer protect the data. Or the thief could simply load a utility like NTFSDOS from a 3.5-inch disk and read the drive, or copy the contents to another drive for convenient perusal.
With the EFS attribute enabled, the authorized user transparently performs encryption and decryption during normal file access. If someone without the proper credentials tries to copy the encrypted file—even after the disk has been installed into another machine—he or she won’t gain access to the information. The encryption attribute is enabled by selecting the Encrypt contents to secure data check box under the Advanced Attributes button in the General Properties dialog box, as shown in Figure 5.

Figure 5. Selecting the Encrypt contents button instructs the system to transparently perform encryption and decryption during normal file access—a good choice for hard drives that aren’t physically secure.
This encryption is facilitated through the Public Key Infrastructure (PKI) service available with Win2K. Each user is associated with an X.509 certificate, the key to which encrypts the files as they’re written to the disk and decrypts them as they’re read. Since this process can be managed through the directory, it can be based upon the user rather than just the drive. However, there are other issues to consider. For example, as a user moves files throughout the system, if he or she copies a file from an encrypted volume to a volume that doesn’t support encryption (such as FAT or NTFS 4), the file’s encryption isn’t preserved. In short, encryption is cool stuff, but make sure you think through deployment throughout the entire system; by doing so, you can avoid situations in which you think files are encrypted but they aren’t.
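The check a practitioner wants after that caveat is a way to confirm, before and after a copy, that files really are encrypted: ask the destination volume whether it supports EFS at all, then look for files that lack the Encrypted attribute. The following is an added example (not from the article or from Microsoft) that reads the same attribute bit Explorer shows and the volume flag that GetVolumeInformationW reports; the sample paths and attribute values are constructed, and the directory walk and volume query assume they run on Windows with a path argument.

```python
import ctypes
import os
import sys

FILE_ATTRIBUTE_ARCHIVE   = 0x0020      # file attribute bits (stat.FILE_ATTRIBUTE_*)
FILE_ATTRIBUTE_ENCRYPTED = 0x4000
FILE_SUPPORTS_ENCRYPTION = 0x00020000  # volume flag reported by GetVolumeInformationW

def is_encrypted(attrs: int) -> bool:
    """True when the file's data is stored under EFS."""
    return bool(attrs & FILE_ATTRIBUTE_ENCRYPTED)

def supports_encryption(volume_flags: int) -> bool:
    """True for NTFS 5; False for FAT/FAT32 and NTFS 4, where a copy lands in the clear."""
    return bool(volume_flags & FILE_SUPPORTS_ENCRYPTION)

def find_unencrypted(entries):
    """entries: iterable of (path, attribute mask) -> paths readable from the raw disk."""
    return [path for path, attrs in entries if not is_encrypted(attrs)]

def volume_flags(root: str) -> int:
    """Ask Windows for the file-system flags of the volume at `root`, e.g. 'E:\\' (Windows only)."""
    flags = ctypes.c_uint32(0)
    ok = ctypes.windll.kernel32.GetVolumeInformationW(
        root, None, 0, None, None, ctypes.byref(flags), None, 0)
    if not ok:
        raise ctypes.WinError()
    return flags.value

def walk_attributes(root: str):
    """Yield (path, attributes) for every file under root (Windows only)."""
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            yield path, os.stat(path).st_file_attributes

# Constructed sample: an EFS folder on D: and its copy to a FAT32 stick on E:.
SAMPLE = [
    (r"D:\Secret\plan.doc", FILE_ATTRIBUTE_ENCRYPTED | FILE_ATTRIBUTE_ARCHIVE),
    (r"D:\Secret\old.txt",  FILE_ATTRIBUTE_ARCHIVE),   # existed before the folder was marked
    (r"E:\Backup\plan.doc", FILE_ATTRIBUTE_ARCHIVE),   # FAT32 cannot carry EFS
]

if __name__ == "__main__" and sys.platform == "win32" and len(sys.argv) > 1:
    root = sys.argv[1]                                  # e.g. r"E:\Backup"
    drive = os.path.splitdrive(root)[0] + "\\"
    print("volume supports EFS:", supports_encryption(volume_flags(drive)))
    for path in find_unencrypted(walk_attributes(root)):
        print("NOT ENCRYPTED:", path)
```

Run without arguments on another platform, the module only defines the functions; the constructed SAMPLE shows what the audit reports after a copy to a FAT32 volume.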

Compression
Compression has been previously available in NTFS, but with NTFS 5, there’s one significant difference in how it’s implemented. In previous NTFS versions, when a compressed file was copied from one location to another compressed directory, the file was decompressed at the source, sent across the wire, then re-compressed in the new location. Obviously, this was an inefficient way to copy a file. With Win2K, a file isn’t decompressed until it’s expanded by the client. This spreads the CPU burden across many CPUs; since the sent files are compressed, that saves bandwidth as well. In the entire scheme of things, this is probably a minor improvement, but it’s nice to see components in the system becoming more elegant and efficient as Windows matures.

Volume Mount Point
Another interesting attribute available with NTFS 5 is Volume Mount Point. As with some of the other attributes I’ve mentioned, this isn’t necessarily directly useful to you as the system administrator. However, it does offer some interesting opportunities for the developer in creating innovative products. In short, Volume Mount Point can set an empty directory with a pointer to the root of a disk volume that can physically exist on either the same server or a remote one. When a user navigates to the empty pointer, he or she is automatically redirected to the other disk volume and the information stored there. This opens up new possibilities for adding disk space or creating logical views of the network, while keeping the network’s ugly physical structure hidden from the user.
Note that this is not the Distributed File System (Dfs), although it’s similar. The service that builds upon this support in NTFS is the Dfs. I mention Volume Mount Point to give you an idea of what you can accomplish with Dfs; I’ll explore Dfs and its ability to create logical views of the network next month.
In summary, NTFS exposes a number of new file system attributes to the creative minds of software developers, allowing them to design new services and publish them to the network. NTFS continues to be one of the most useful yet under-appreciated aspects of the NT...err...Windows 2000 operating system.