|By Keith Mayer||
|October 26, 2012 08:30 AM EDT||
In the past, managing and sharing NTFS folders could be a real ordeal – there were different tools for managing NTFS permissions vs shared folders and most IT Pros generally used these tools on a server-by-server basis from each server’s console.
Server Manager to the rescue!
In Windows Server 2012, Server Manager provides a management facelift on top of the disconnected process that we’ve used in the past for sharing folders and setting NTFS permissions. In addition, Server Manager can easily manage these folders on a local server or any remote servers that you’ve previously added to the Server Manager dashboard.
NOTE: For details on using and customizing Server Manager for your servers and network environment, check out this post on that topic.
Along with the new SMB 3.0 performance and availability features for shared folders, Server Manager provides a powerful management tool for taking advantages of these features in your network environment.
How can I share new folders with Server Manager?
You can start the process of sharing NTFS folders in Server Manager by launching the New Share Wizard from the File and Storage Services details page. This new wizard integrates the steps involved with creating a new folder, sharing the folder and setting NTFS permissions into a single continuous workstream for local and remote servers.
- On the File and Storage Services page, select Shares and then click Tasks –> New Share … to begin the New Share Wizard.
- On the Select the profile for this share page, select SMB Share – Quick and click the Next button. Note that in addition to creating new SMB shares for NTFS folders that are sharing documents, we also have options for creating shared folders for applications, such as SQL databases or Hyper-V virtual machines, as well as creating new NFS shares for non-Windows client devices.
- On the Select the server and path for this share page, select the server on which to create the new share ( local or remote server ) and the volume on which to create the new shared folder. Click the Next button to continue.
- On the Specify share name page, type the name of your new Share name and click the Next button to continue.
- On the Configure share settings page, you will find advanced options for configuring Access-Based Enumeration (ABE), Offline folder caching, and Encryption of end-to-end SMB network traffic. Let’s select all three options and then click the Next button.
NOTE: If BranchCache is enabled on your server to optimize shared folder access over a WAN, you can also enable BranchCache for this new folder on this page. To learn more about the new simplified BranchCache features in Windows Server 2012 … check out Brian Lewis’ My Thoughts on IT blog.
- On the Specify permissions to control access page, review the default permissions for the new NTFS folder and click the Customize permissions… button to further customize these permissions as necessary. When finished, click the Next button to continue.
- On the Confirm selections page, review the currently selected settings for sharing the new folder and click the Create button to begin the process of creating the new folder, applying NTFS permissions, and sharing the folder with the selected share settings.
How can I automate the process of sharing new folders?
You can automate the process of sharing new folders using PowerShell 3.0 and the new SMB Share Cmdlets. For example, to create and share the same folder as demonstrated above, we could use the following commands in PowerShell:
New-SMBShare -Name Documents -Path D:\Shares\Documents -FolderEnumerationMode AccessBased
-CachingMode Documents -EncryptData $True -FullAccess Everyone
Has anything changed with NTFS permissions in Windows Server 2012?
NTFS access list permissions work the same in Windows Server 2012, but there is an improved user interface for setting and viewing NTFS permissions that can make implementing advanced security scenarios much easier.
What is an NTFS “advanced security scenario”?
For example, a common NTFS folder requirement in many organizations is to set permissions such that users can create, update, delete and rename files, but not delete or rename folders or sub-folders. Many organizations implement this approach to provide a consistent network folder structure for users to store their files, without being concerned about users inadvertently moving or renaming (ie., pruning and grafting) whole sections of that folder structure. In the past, this custom combination of file and folder permissions was confusing and difficult to implement.
To implement this scenario in Windows Server 2012, we can click on the Customize permissions… button referenced above in Step 6 and walk through the following process:
- In the Advanced Security Settings dialog box, click the Disable Inheritance button to disable inherited permissions from the parent folder in preparation of setting an explicit set of folder permissions.
- When prompted, click the option to Convert inherited permissions into explicit permissions on this object. This will create a copy of each inherited permission access list entry into an explicit entry for this folder that we’ll be able to edit or remove.
- In this case, we want to modify the default permissions granted to the Users group for this folder. Use the Remove button to remove each of the existing access list entries granted to the Users group.
- Then use the Add button to grant a new set of file permissions to the Users group. In this scenario, we want users to have read, write and delete permissions to files ( and only files ) inside this folder, so we’ll select the following permission options for files:
- Once we’re done adding file permissions, we’ll use the Add button again to grant a new set of folder permissions to the Users group. In this scenario, we want users to have the ability to see folders and create new files, so we’ll select the following permission options for folders:
That’s it! Now we’ve got our shared folder all set for this advanced security scenario in just a few clicks! Of course, if we wanted to automate this process, we could’ve used the Set-Acl and Get-Acl PowerShell Cmdlets to set NTFS permissions via a script as well.
Are there any other changes related to NTFS permissions?
As we were working through the last set of steps, you may have noticed a few new tabs in the new NTFS Advanced Security Settings dialog.
The tabs that are new or improved for the NTFS Security Dialog in Windows Server 2012 include:
- Share – integrates Share permissions into a separate tab on the NTFS security dialog, so that NTFS and Share permissions can be compared side-by-side
- Effective Access – improved to provide an easier user interface to work with for evaluating the effective permissions for a user, group, device or claim.
- Central Policy – used with the new Dynamic Access Control (DAC) feature of Windows Server 2012 to centralize folder permissions into security policies that can be dynamically applied to files and folders based on Active Directory claims.
Dynamic Access Control (DAC), in particular, is a powerful feature in Windows Server 2012 to reduce the administrative load of managing standard permission access lists across lots of file servers. I’ll be writing a separate article in the near future that steps through the process of using DAC.
Do It: Implementing Shared Folders and NTFS Permissions
Your turn! Build your own Windows Server 2012 server lab and use the steps outlined above to create and share your own shared folder with the following properties:
- Shared folder path: C:\Shares\Documents
- Shared folder name: Documents
- Shared folder settings: Access-based Enumeration
- NTFS Permissions: Use the permissions shown in the example above.
In this article, we've walked through the benefits of the improvements offered by Windows Server 2012 for sharing and configuring NTFS folders using Server Manager and PowerShell 3.0
Learn more! To gain more experience with Windows Server 2012 in your lab, feel free to join our FREE Windows Server 2012 "Early Experts" Challenge online study group and become one of the 1,000+ IT Pros that are now studying as "Early Experts" on Windows Server 2012.
What do you think of Server Manager in Windows Server 2012?
Are you excited about using Server Manager in your environment for shared folder scenarios? Feel free to share your feedback and stories in the comments below!
Hope this helps,
|Build Your Lab! Download Windows Server 2012|
|Don’t Have a Lab? Build Your Lab in the Cloud with Windows Azure Virtual Machines|
|Want to Get Certified? Join our Windows Server 2012 "Early Experts" Study Group|
The true value of the Internet of Things (IoT) lies not just in the data, but through the services that protect the data, perform the analysis and present findings in a usable way. With many IoT elements rooted in traditional IT components, Big Data and IoT isn’t just a play for enterprise. In fact, the IoT presents SMBs with the prospect of launching entirely new activities and exploring innovative areas. CompTIA research identifies several areas where IoT is expected to have the greatest impact.
May. 25, 2015 09:00 PM EDT Reads: 4,978
Every day we read jaw-dropping stats on the explosion of data. We allocate significant resources to harness and better understand it. We build businesses around it. But we’ve only just begun. For big payoffs in Big Data, CIOs are turning to cognitive computing. Cognitive computing’s ability to securely extract insights, understand natural language, and get smarter each time it’s used is the next, logical step for Big Data.
May. 25, 2015 08:00 PM EDT Reads: 2,264
The 4th International Internet of @ThingsExpo, co-located with the 17th International Cloud Expo - to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA - announces that its Call for Papers is open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
May. 25, 2015 07:00 PM EDT Reads: 2,109
There's no doubt that the Internet of Things is driving the next wave of innovation. Google has spent billions over the past few months vacuuming up companies that specialize in smart appliances and machine learning. Already, Philips light bulbs, Audi automobiles, and Samsung washers and dryers can communicate with and be controlled from mobile devices. To take advantage of the opportunities the Internet of Things brings to your business, you'll want to start preparing now.
May. 25, 2015 07:00 PM EDT Reads: 5,862
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal an...
May. 25, 2015 04:00 PM EDT Reads: 3,020
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at @ThingsExpo, Robin Raymond, Chief Architect at Hookflash, will walk through the shifting landscape of traditional telephone and voice services ...
May. 25, 2015 03:00 PM EDT Reads: 4,324
The 17th International Cloud Expo has announced that its Call for Papers is open. 17th International Cloud Expo, to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, APM, APIs, Microservices, Security, Big Data, Internet of Things, DevOps and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal today!
May. 25, 2015 02:00 PM EDT Reads: 4,589
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Architect for the Internet of Things and Intelligent Systems at Red Hat, described how to revolutioniz...
May. 25, 2015 02:00 PM EDT Reads: 4,979
All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades. With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo, June 9-11, 2015, at the Javits Center in New York City. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be
May. 25, 2015 01:15 PM EDT Reads: 2,458
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, and physical persons. In the IoT vision, every new "thing" - sensor, actuator, data source, data con...
May. 25, 2015 01:00 PM EDT Reads: 6,459
Container frameworks, such as Docker, provide a variety of benefits, including density of deployment across infrastructure, convenience for application developers to push updates with low operational hand-holding, and a fairly well-defined deployment workflow that can be orchestrated. Container frameworks also enable a DevOps approach to application development by cleanly separating concerns between operations and development teams. But running multi-container, multi-server apps with containers is very hard. You have to learn five new and different technologies and best practices (libswarm, sy...
May. 25, 2015 12:00 PM EDT Reads: 2,309
SYS-CON Events announced today that DragonGlass, an enterprise search platform, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. After eleven years of designing and building custom applications, OpenCrowd has launched DragonGlass, a cloud-based platform that enables the development of search-based applications. These are a new breed of applications that utilize a search index as their backbone for data retrieval. They can easily adapt to new data sets and provide access to both structured and unstruc...
May. 25, 2015 12:00 PM EDT Reads: 2,120
There's Big Data, then there's really Big Data from the Internet of Things. IoT is evolving to include many data possibilities like new types of event, log and network data. The volumes are enormous, generating tens of billions of logs per day, which raise data challenges. Early IoT deployments are relying heavily on both the cloud and managed service providers to navigate these challenges. In her session at Big Data Expo®, Hannah Smalltree, Director at Treasure Data, discussed how IoT, Big Data and deployments are processing massive data volumes from wearables, utilities and other machines...
May. 25, 2015 10:00 AM EDT Reads: 4,317
Buzzword alert: Microservices and IoT at a DevOps conference? What could possibly go wrong? In this Power Panel at DevOps Summit, moderated by Jason Bloomberg, the leading expert on architecting agility for the enterprise and president of Intellyx, panelists will peel away the buzz and discuss the important architectural principles behind implementing IoT solutions for the enterprise. As remote IoT devices and sensors become increasingly intelligent, they become part of our distributed cloud environment, and we must architect and code accordingly. At the very least, you'll have no problem fil...
May. 25, 2015 10:00 AM EDT Reads: 2,099
SYS-CON Events announced today that MetraTech, now part of Ericsson, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Ericsson is the driving force behind the Networked Society- a world leader in communications infrastructure, software and services. Some 40% of the world’s mobile traffic runs through networks Ericsson has supplied, serving more than 2.5 billion subscribers.
May. 25, 2015 09:45 AM EDT Reads: 1,782
The worldwide cellular network will be the backbone of the future IoT, and the telecom industry is clamoring to get on board as more than just a data pipe. In his session at @ThingsExpo, Evan McGee, CTO of Ring Plus, Inc., discussed what service operators can offer that would benefit IoT entrepreneurs, inventors, and consumers. Evan McGee is the CTO of RingPlus, a leading innovative U.S. MVNO and wireless enabler. His focus is on combining web technologies with traditional telecom to create a new breed of unified communication that is easily accessible to the general consumer. With over a de...
May. 25, 2015 06:00 AM EDT Reads: 4,830
Disruptive macro trends in technology are impacting and dramatically changing the "art of the possible" relative to supply chain management practices through the innovative use of IoT, cloud, machine learning and Big Data to enable connected ecosystems of engagement. Enterprise informatics can now move beyond point solutions that merely monitor the past and implement integrated enterprise fabrics that enable end-to-end supply chain visibility to improve customer service delivery and optimize supplier management. Learn about enterprise architecture strategies for designing connected systems tha...
May. 25, 2015 05:00 AM EDT Reads: 6,078
Cloud is not a commodity. And no matter what you call it, computing doesn’t come out of the sky. It comes from physical hardware inside brick and mortar facilities connected by hundreds of miles of networking cable. And no two clouds are built the same way. SoftLayer gives you the highest performing cloud infrastructure available. One platform that takes data centers around the world that are full of the widest range of cloud computing options, and then integrates and automates everything. Join SoftLayer on June 9 at 16th Cloud Expo to learn about IBM Cloud's SoftLayer platform, explore se...
May. 25, 2015 04:45 AM EDT Reads: 3,291
SYS-CON Media announced today that 9 out of 10 " most read" DevOps articles are published by @DevOpsSummit Blog. Launched in October 2014, @DevOpsSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce softw...
May. 25, 2015 04:15 AM EDT Reads: 4,345
15th Cloud Expo, which took place Nov. 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA, expanded the conference content of @ThingsExpo, Big Data Expo, and DevOps Summit to include two developer events. IBM held a Bluemix Developer Playground on November 5 and ElasticBox held a Hackathon on November 6. Both events took place on the expo floor. The Bluemix Developer Playground, for developers of all levels, highlighted the ease of use of Bluemix, its services and functionality and provide short-term introductory projects that developers can complete between sessions.
May. 25, 2015 04:00 AM EDT Reads: 6,446