Shares
Shares provide remote access to information stored on a server. By default, a number of shares exist on a server, which can easily be seen by running the net share command:
C:\Users\mike> net share Share name Resource Remark --------------------------------------------------------------- C$ C:\ Default share E$ E:\ Default share IPC$ Remote IPC ADMIN$ C:\Windows Remote Admin The command completed successfully.
The IPC$ share is used for interprocess communication between local and remote processes. The other default shares are mapped to certain file system folders. The ADMIN$ folder points to the Windows folder. The other volumes have a share for its volume, allowing access to the root of the folder. Why does the share have a dollar sign? The dollar sign hides the share from normal network browsing.
Shares can be created from the Explorer interface by right-clicking a folder, selecting Properties, and viewing the Sharing tab.
Clicking the Share button opens up a simple dialog that allows groups and users to be added to the share access list. Then one of three levels of access is granted. The three levels of access that can be granted are the following:
- Reader: This is read-only access to the content, so no modifications or additions to existing content can be made
- Contributor: Allows full read-and-write access to the content
- Co-owner. Full control of the content, including changing permissions on the share
After access has been granted, click the Share button to complete the share-creation process. A confirmation dialog and a link to the new share are displayed, making it easy to share the new location with users. The Advanced Share permission works in a similar fashion but exposes the raw full control, change, and read rights and enables the option to deny the levels of access. The advanced interface also allows comments and a maximum number of simultaneous users to be configured for the share.
NOTE: The whole issue of share permissions is interesting. In many environments, shares are not used to govern access because the files and folders already have NTFS permissions. I prefer to set shares so that domain users have full control and then use NTFS permissions to restrict actual levels of access to the data.
To create a share from the command line, use the following format:
net share <share name>=<drive>:<dir> /remark="<description>" net share mike=c:\data\mikedrv /remark="Mike drive"
In this tutorial:
- Windows Server File System and Print Management
- File System Types and Management
- New Technology File System (NTFS)
- New NTFS Features in Windows Server 2008
- Formatting and Managing File Systems
- Converting File Systems
- File Management
- File Permissions
- Shares
- NTFS Quotas
- Encrypted File System (EFS)
- Shadow Copy Feature
- File Server Resource Manager
- File Server Resource Manager Options
- Reporting
- Quotas
- File Screening
- Exporting and Importing File Screens and Quotas
- Print Management
- Print Management MMC
- Printer Properties
- Listing a Printer in the Active Directory
- Connecting Users to Network Printers
- Deploying Printers
- Allowing Nonadministrators/Power Users to Install Printers
- Migrating a Printer
- Automatic Network Print Addition
- Print Server Configuration
- Customizing Views of Information