Where there are files, there are disks. That is to say, all the files and programs we've talked about so far reside on disks. Disks are physical storage devices, and they also need to be managed. There are several aspects to disk management. One is concerned with getting disks ready to be able to store files and programs; another deals with backing up your data. Yet another involves checking the health of disks and optimizing their performance. We'll look at these aspects in more detail.
Getting Disks Ready to Store Files and Programs
For a hard disk to be able to hold files and programs, it has to be partitioned and formatted. Partitioning is the process of creating logical divisions on a hard drive. A hard drive can have one or more partitions. Formatting is the process of creating and configuring a file allocation table (FAT) and creating the root directory. Several file system types are supported by the various versions of Windows, such as FAT16, FAT32, and NTFS.
New Technology Filesystem (NTFS) is available with all the versions of Windows, they also recognize and support FAT16 and FAT32. The file table for the NTFS is called the Master File Table (MFT).
The following is a list of the major file systems that are used with Windows and the differences among them:
- File allocation table (FAT): An acronym for the file on this file system used to keep track of where files are. It's also the name given to this type of file system, introduced in 1981. The file systems for many OSs have been built on the design of FAT, but without its limitations. A FAT file system uses the 8.3 naming convention (eight letters for the name, a period, and then a three-letter file identifier). This later became known as FAT16 (to differentiate it from FAT32) because it used a 16-bit binary number to hold cluster-numbering information. Because of that number, the largest FAT disk partition that could be created was approximately 2GB.
- Virtual FAT (VFAT): An extension of the FAT file system that was introduced with Windows 95. It augmented the 8.3 file-naming convention and allowed filenames with up to 255 characters. It created two names for each file: a long name and an 8.3-compatible name so that older programs could still access files. When VFAT was incorporated into Windows 95, it used 32-bit code for improved disk access while keeping the 16-bit naming system for backward compatibility with FAT. It also had the 2GB disk partition limitation.
- FAT32: Introduced along with Windows 95 OEM Service Release 2. As disk sizes grew, so did the need to be able to format a partition larger than 2GB. FAT32 was based more on VFAT than on FAT16. It allowed for 32-bit cluster addressing, which in turn provided for a maximum partition size of 2 terabytes (2048GB). It also included smaller cluster sizes to avoid wasted space. FAT32 support is included in current Windows versions.
- NT File System (NTFS): Introduced along with Windows NT (and available on 7/Vista/XP). NTFS is a much more advanced file system in almost every way than all versions of the FAT file system. It includes such features as individual file security and compression and RAID support as well as support for extremely large file and partition sizes and disk transaction monitoring. It is the file system of choice for higher-performance computing.
- CD-ROM File System (CDFS): While not a file system that can be used on a hard drive, CDFS is the file system of choice for CD media and has been used with 32-bit Windows versions since Windows 95. A CD mounted with the CDFS driver appears as a collection.
When you're installing any Windows OS, you will be asked first to format the drive using one of these disk technologies. Choose the disk technology based on what the computer will be doing and which OS you are installing.
To format a partition, you can use the FORMAT command. FORMAT.EXE is available with all versions of Windows. You can run FORMAT from a command prompt or by right-clicking a drive in Windows Explorer and selecting Format. However, when you install Windows it performs the process of partitioning and formatting for you if a partitioned and formatted drive does not already exist. You can usually choose between a quick format or a full format. With both formats, files are removed from the partition; the difference is that a quick format does not then check for bad sectors (a time-consuming process).
Be extremely careful with the Format command! When you format a drive, all data on the drive is erased.
In Windows, you can manage your hard drives through the Disk Management component. To access Disk Management, open Control Panel and double-click Administrative Tools. Then, double-click Computer Management. Finally, double-click Disk Management.
The Disk Management screen lets you view a host of information regarding all the drives installed in your system, including CD-ROM and DVD drives. The list of devices in the top portion of the screen shows you additional information for each partition on each drive, such as the file system used, status, free space, and so on. If you right-click a partition in either area, you can perform a variety of functions, such as formatting the partition and changing the name and drive-letter assignment. For additional options and information, you can also access the properties of a partition by right-clicking it and selecting Properties.
Windows 7, Vista, and XP support both basic and dynamic storage. Basic storage can have a primary and an extended partition, while dynamic storage can be simple, spanned, or striped. The partition that the operating system boots from must be designated as active. Only one partition on a disk may be marked active. With basic storage, Windows drives can be partitioned with primary or extended partitions. The difference is that extended partitions can be divided into one or more logical drives and primary partitions cannot be further subdivided. Each hard disk can be divided into a total of four partitions, either four primary partitions or three primary and one extended partition.
Basic partitions are a fixed size and are always on a single physical disk. Dynamic partitions can increase in size (without reformatting) and can span multiple physical disks.
Finally, there is the concept of a logical partition. In reality, all partitions are logical in the sense that they don't necessarily correspond to one physical disk. One disk can have several logical divisions (partitions). A logical partition is any partition that has a drive letter.
Sometimes, you will also hear of a logical partition as one that spans multiple physical disks. For example, a network drive that you know as drive H: might actually be located on several physical disks on a server. To the user, all that is seen is one drive, or H:.
Backing Up the Data on Your Drives
Another very important aspect of disk management is backing up the data on your drives. Sooner or later, you can count on running into a situation where a hard drive fails or data becomes corrupted. Without a backup copy of your data, you're facing a world of trouble trying to recreate it, if that's even possible or economically feasible. You also shouldn't rely on the Recycle Bin. Although it is a good utility to occasionally restore a file or directory that a user has accidentally deleted, it will not help you if your drives and the data on them become unusable.
Toward that end, Windows has a built-in backup feature called, you guessed it, Backup. To access Backup in Windows 7 or Windows Vista, click Start → Control Panel → Backup And Restore, then click either Set Up Backup or select another backup to restore files from. To access Backup in Windows XP, click Start → Programs/All Programs) → Accessories → System Tools → Backup. This will open the Backup Wizard. To move on to the Backup utility, click Advanced Mode.
The Backup utility in each of the different versions of Windows has different capabilities, with newer versions having greater capabilities. In general, you can either run a wizard to create a backup job or manually specify the files to back up. You can also run backup jobs or schedule them to run at specific time at a specific interval. Refer to the Windows Help system for in-depth information on how to use Backup.
Checking the Health of Hard Disks and Optimizing Their Performance
As time goes on, it's important to check the health of Windows computers' hard disks and optimize their performance. Windows provides you with several tools to do so, some of which we've already mentioned in this tutorial. One important tool is Disk Defragmenter, which has existed in almost all versions of Windows.
When files are written to a hard drive, they're not always written contiguously, or with all the data located in a single location. Files are stored on the disk in numbered blocks similar to PO boxes-when they are written, they are written to free blocks. As a result, file data is spread out over the disk, and the time it takes to retrieve files from the disk increases. Defragmenting a disk involves analyzing the disk and then consolidating fragmented files and folders so they occupy a contiguous space (consecutive blocks), thus increasing performance during file retrieval.
To access Disk Defragmenter, click Start → Programs/All Programs → Accessories → System Tools → Disk Defragmenter. In the list of drives, select the drive you want to defragment, and then click Analyze. When the analysis is finished, Disk Defragmenter tells you how much the drive is fragmented and whether defragmentation is recommended. If it is, click Defragment. Be aware that for large disks with a lot of fragmented files, this process can take quite some time to finish.
Tip: In Windows 7/Vista/XP, you can also access Disk Defragmenter through the properties of any partition listed in Disk Management. Click the Tools tab and then click Defragment.
One of the big problems that larger systems must deal with is the need for users to access multiple systems or applications. This may require a user to remember multiple accounts and passwords. The purpose of a single sign-on (SSO) is to give users access to all the applications and systems they need when they log on. This is becoming a reality in many environments, including Kerberos, Microsoft Active Directory, Novell eDirectory, and some certificate model implementations.
Single sign-on is both a blessing and a curse. It's a blessing in that once the user is authenticated, they can access all the resources on the network and browse multiple directories. It's a curse in that it removes the doors that otherwise exist between the user and various resources.
In the case of Kerberos, a single token allows any "Kerberized" applications to accept a user as valid. The important thing to remember in this process is that each application that wants to use SSO must be able to accept and process the token presented by Kerberos.
Active Directory (AD) works off a slightly different method. A server that runs AD retains information about all access rights for all users and groups in the network. When a user logs on to the system, AD issues the user a globally unique identifier (GUID). Applications that support AD can use this GUID to provide access control.
Using AD simplifies the sign-on process for users and lowers the support requirements for administrators. Access can be established through groups, and it can be enforced through group memberships. Active Directory can be implemented using a Windows Server (such as Windows Server 2008) computer. All users will then log in to the Windows domain using their centrally created AD account. On a decentralized network, SSO passwords are stored on each server and can represent a security risk. It's important to enforce password changes and make certain passwords are updated throughout the organization on a frequent basis.
While single sign-on is not the opposite of multi-factor authentication, they are often mistakenly thought of that way. One-, two-, and three-factor authentication merely refers to the number of items a user must supply to authenticate. Authentication can be based on something they have (a smart card), something they know (a password), something unique (biometric), and so forth. After factor authentication is done, then single signon can still apply throughout the user's session.