Shared FoldersConcepts

This topic covers various aspects of shared folders, including managing shared folders, offline folders, shadow copies, and administrative shares.

Sharing Files

A shared folder is a folder whose contents (files) are made available for network users. To share a folder, you can use Windows Explorer, and once a folder is shared, its icon is a hand holding a folder. A file server is a computer dedicated to the purpose of hosting shared folders, and WS2003 can function as a file server by adding the File Server role using Manage Your Server. Alternatively, simply share a folder on the machine and the File Server role will be automatically added.

However, simply sharing a folder isn't enough to make network resources securely accessible to usersyou also need to assign suitable permissions to the folder to control who has access to it and what level of access they have. For folders on FAT or FAT32 volumes , you can use shared-folder permissions to do this, but shared-folder permissions aren't very granular and offer only a limited degree of control over users' access to the folder. Furthermore, they can be applied only to the folder and its contents as a whole and can't be applied to individual files within the folder.

A better way of securing shared folders is to locate them on NTFS volumes. This is because NTFS permissions are more granular than shared-folder permissions. NTFS permissions can also be assigned to individual files within a folder, giving administrators a much greater degree of access control. For more information about both NTFS permissions and shared-folder permissions, see Permissions earlier in this chapter.

Planning Shared Folders

When planning which folders to share, here are some tips to follow:

• Use share names that are intuitive to the users who will be accessing them. Examples are Pub for public folder, Apps for applications folder, Home for home folder, and so on. Be aware that certain share names could cause difficulties for client computers running specific Microsoft Windows operating systems that try to access them (see Table 4-50).

• Try to group folders according to security needs and then share their parent folder, instead of sharing each folder individually. For example, if you have three applications stored in the folders App1 , App2 , and App3 , place each of these folders into a parent folder called Apps and then share the parent folder. The fewer shared folders there are, the easier it will be for users to locate them on the network, and the less browse-list traffic they will generate.

Table 4-50. Share names acceptable to Windows operating systems

Connecting to Shared Folders

Once a folder has been shared on a file server, users can connect to it from their client computers in several ways:

• By browsing My Network Places if the icon is present on the desktop. This is probably the simplest way of finding a shared folder and connecting to it.

• By using Windows Explorer. This is really the same method as the first item, but using the hierarchical two-pane window interface of Windows Explorer instead of the one-pane window of My Network Places.

• By clicking Start, selecting Run, and then typing the UNC pathname to the shared folder. Note that if you type \\ servername \ sharename , you can open a window displaying the contents of the specific share, while if you type only \\ servername , a window displaying all shares on the specified server will open.

• By mapping a drive letter to the shared folder. This method can be used if you need to access a shared folder from an application that doesn't support UNC pathnames, if you need to back up the contents of shared folders over the network, or if you simply need a convenient way to access a particular share that you use often. To map a drive, right-click on My Network Places and select Map Network Drive to start the Map Network Drive Wizard.

Offline Files

Offline files is a feature of WS2003 that lets users work with files in shared folders even when the network connection is unavailable. When users want to work with their files, they typically connect to shared folders on network file servers to retrieve these files. When they modify these files, they save their new versions to the shared folders. This procedure has several benefits:

• It centralizes management of users' files, allowing them to be easily backed up by administrators.

• It allows users to roam between different client computers and still be able to access their files from a central location on the network.

The downside is that when the network connection becomes unavailabledue to either a network problem or the file server being downthe users are unable to access their files and can't do their work. The solution is to use the offline-files feature of WS2003, which allows files stored in network shares to be cached on the user's local computer so that these files are always available for the user .

How It Works

When offline files are configured, the process of accessing network resources is the same whether the user is connected to the network or not. When the user logs on, the locally cached copies of her files are synchronized with the copies on the network file servers so that both files are identical. Once synchronization is complete, the user can begin working with her files. The user can access these locally cached files the same way she accesses the copies on the networkfor example, by browsing My Network Places or Windows Explorer, entering the UNC path to the share in the Run box from the Start menu, or accessing a mapped network drive. The user works with the remote copy of the file in the shared folder on the network file server, but if the network connection to the file server becomes unavailable, the user is switched transparently to the locally cached version of the file on the user's client computer. The user still thinks she is accessing shared folders on the network, but she is actually working from her own offline-files cache. A notification can be configured to appear over the system tray to alert the user that she is working offline. When the user logs off, her locally cached files are again synchronized with the copies on the network file server if the connection has been restored.

How the user works on the files depends on how you configure offline files on the server:

• If you specify manual caching for documents, then the user must specifically designate remote files or shared folders for offline use. Changes to files not designated for offline use are made only on the file servers. If the network connection fails, the file or folder is automatically taken offline and the user works with only the cached version.

• If you specify automatic caching for documents, then any remote files or the shared folders they are in are automatically cached locally for offline use. Any changes made to the files are made to both the local and network versions of the files.

If the network connection is unavailable at the start of or during a user's session, the user can still work on her files locally. From the user's perspective, the process is the same as working with files stored on a network file server. This is particularly advantageous with computers that are, for the most part, only temporarily connected to the network, such as laptop computers.

If two users modify locally cached copies of the same file and one of them logs off (automatically synchronizing her files) when the second user logs off, a message will appear indicating that someone else on the network has modified the file and providing the user with the option of:

• Saving her version on the network

• Retaining the other version on the network

• Saving both versions on the network

In other words, changes made by two or more users aren't merged but are handled intelligently.

Implementing Offline Files

You must do two things to implement offline files on WS2003:

• Configure your file server for offline-file operation. WS2003 computers have offline files enabled by default, but you need to configure how this feature should operate . In addition, you need to configure how offline files will be synchronized.

• Enable local caching of files on the client computer.

Use offline files if users frequently need to work offline with files stored in shared folders on network file servers. If you occasionally need to transfer files between a laptop and a desktop computer using a direct cable connection, Briefcase will suffice.

Shadow Copies

New in WS2003, shadow copies are point-in-time copies of files in shared folders on file servers. You can use this feature to recover files that were accidentally overwritten or deleted and to compare different versions of a file. To view shadow copies, client computers must download special client software from the file server. You can also use Group Policy to assign this client software to users in your network.

Administrative Shares

WS2003 automatically shares certain volumes and folders to support remote administration and to enable access to network printers. Many of these administrative shares are hidden shares, and as a result they aren't visible in My Computer, My Network Places, Windows Explorer, or when you type net view at the command line, but they are visible in the Computer Management console under Shared Folders.

Table 4-51 lists common administrative shares and their functions. Depending on the configuration of your machine, not all of these shares may exist on your machine. For example, the SYSVOL share is present only on domain controllers.

Table 4-51. Administrative shares