Plan file and print server roles
Share permissions apply to remote users and NTFS permissions apply to both remote and local users; a remote user will be restricted to the most restrictive permission. NTFS permissions can be cumulative i.e. a user has specific permissions but that user is also a member of a group with other defined permissions. Permissions applied to the user override group permissions if there is a conflict and deny permissions override allow permissions.
Windows Server 2008 file services also has Access Based Enumeration (ABE); this functionality hides files and or folders from users who have no access to them.
Printer management requires Manage Printers, Print, Manage Documents and Manage Server. Printer queue management just requires Manage Documents, Manage Printers and Print.
Storage quota are defined at the disk level, quota can be defined for specific users or groups or completed disabled for a user or group.
Quotas have hard and soft limits; hard limits stop users saving or copying files to a volume when over quota whereas soft limits just warn users.
Quotas can be defined on folders using FSRM; FSRM has hard and soft limits too but also can be defined on volumes, folders and shares. FSRM quotas should be defined via templates i.e. that is the best practice.
DFS-R is used to replicate data; it can be used with or without DFS-N e.g. replicating web content between servers within a web farm.
DFS-R uses Remote Differential Compression (RDC) to minimise the data replicated e.g. modifications to data are replicated not the whole file. Cross file RDC can use other files to construct a file to minimise WAN replication traffic; cross file RDC is only supported in Enterprise and Datacenter editions.
The Windows Search service in Windows Server 2008 and 2008 R2 replaces the legacy indexing service; the legacy indexing service should only be used if you have bespoke applications that depend on it. Microsoft Windows Vista and Windows 7 clients work out-of-the-box with the Windows Search service whereas earlier client such as XP require the ‘Microsoft Search Client’. Indexing should only be configured on storage which contains shares or file shares. Indexing is configured via the Control Panel > Indexing Options.
File storage policy
FSRM has file screening functionality which can be used to define what can and cannot be stored on the file system e.g. mp3s but you could also define an exception for a particular group.
Storage reports can be configured to the show largest files, most accessed files, duplicates etc, you may be able to use this for scheduling maintenance.
Offline files allow access to network content whilst you’re offline; useful say if you’re working on a large file you can forcefully go offline, work on the file and then go back online to sync the changes. Internet Information Services shared configuration can benefit from offline file functionality too.
Offline files are configured via the share advanced share settings caching options. Note that redirected folders are automatically configured as offline.
You can encrypt offline files via Sync Center > Manage Offline Files > Encryption or Computer Configuration\Administrative Templates\Network\Offline Files\Encrypt the Offline Files cache.
Offline files enhancements in Windows Server 2008 R2
- Fast first logon
- Background sync
- Exclusion list
- Transparent caching
Distributed File System Namespaces (DFS-N) and Distributed File System Replication (DFS-R) can be used together to provide file share availability locally and geographically.
DFS-N allows you to consolidate multiple file shares from multiple servers into a single namespace. You can then use DFS-R to replicate this file share content to other file servers.
Geographic DFS namespaces can be used so users access their local file server to access content replicated from other sites.
Printer pooling allows you to effectively load balance printing; If you have the same printer or at least the printers which can use the same printer driver then you can pool printers. These printers are managed via one queue and can survive printers failing i.e. one printer breaking will not stop the printer pool working.
Render print job on the client; this is the default an the most efficient; if you leave this to the print server then you could end up over burdening the print server.
Print filters can be configured to report on specific printer states e.g. printers with paper jams, offline or error. Print filters are only available to Windows Server 2008 and 2008 R2.
Printer can be published to Active Directory automatically if the print server is Windows Server 2008 R2 and the group policies ‘Automatically publish new printers in Active Directory’ and ‘Allow printers to be published’ are enabled.
Alternatively you can publish printers to Active Directory using the list in directory option; this will make it searchable or Deploy using Group Policy; here you can deploy it to the whole domain or specific OUs.