COC-PEN

College of Information Technology

ITE 056 – Network Management

Windows Server 2008

Using Windows Server 2008 under the File Services role, you can install:
1. File Server - Allows you to share files and folders using the Share and Storage management
Console
2. Distributed File System (DFS) - Allows you to replicate copies of the shared folders on multiple
servers under one namespace
3. File Services Resource Manager (FSRM) - Allows you to monitor the files and set quotas
4. Network File System (NFS) - Allows you to set up Samba shares to share files with Linux and Unix
systems
5. Server 2003 File Services - Allows backwards compatibility

File Servers are used to hold files that can be shared among users in the environment. A share in
Windows Server 2008 is simply a folder that has been configured to be accessed over the network. Any
folder can be shared. You can create shares using Computer Management or Windows Explorer. Once
the folder is shared, it can be accessed using a universal naming convention of
\\servername\sharename. (e.g \\DC1\IT Files)

To help protect against unauthorized drive or folder access, you should use share permissions along
with NTFS permissions (assuming the shared folder is on an NTFS volume).

1. NTFS permissions allow you to control which users and groups can gain access to files and folders on
an NTFS volume.

CAD/2016 Revision Page 1 of 5

COC-PEN
College of Information Technology

2. The share permissions that are available are as follows:

• Full control: Users who are allowed this permission have Read and Change permissions, as well
as additional capabilities to change file and folder permissions and take ownership of files and
folders.
• Change: Users who are allowed this permission have Read permission and the additional
capability to create files and subfolders, modify files, change attributes on files and subfolders,
and delete files and subfolders.
• Read: Users with this permission can view file and subfolder names, access the subfolders of the
share, read file data and attributes, and run program files.

The Windows share permission system is completely separate from the NTFS permission system. You
can picture the share and NTFS permission systems as two doors that stand between the network users
and a shared folder. Users cannot access shared folder unless they have permissions on both.

To simplify managing share and NTFS permissions, Microsoft recommends giving everyone Full control
at the share level, then controlling access using NTFS permissions. In addition, because a user can be
member of several groups, it is possible for a particular user to have several sets of permissions to a
shared drive or folder. The effective share permissions are a combination of the user’s permissions and
the permissions of all groups of which the user is a member.

An administrative share is a shared folder typically used for administrative purposes and usually hidden.
To make any shared folder or drive hidden, the share name must have a $ at the end of it. Because the
share folder or drive cannot be seen during browsing, you have to use a UNC name to find the folder or
drive, which includes the share name (including the $). By default, all hard drive volumes with drive
letters automatically have administrative shares (C$, D$, E$, and so on). Other hidden shares can be
created as needed for individual folders.

CAD/2016 Revision Page 2 of 5

COC-PEN
College of Information Technology

Laboratory Exercise 15
Installing the File Services Role

In Windows Server 2008 Domain Controller:

1. Click Start  Administrator Tools  Server Manager.
2. In Server Manager select Roles.
3. Select Add Roles.
4. On the Before You Begin page, check Skip this page by default and click Next.
5. On the Select Server Roles page, select File Services, and then click Next.
6. On the File Services page, click Next.
7. On the Select Role Services page, in Role Services, ensure that File Server is selected. Click Next.
8. On the Confirm Installation Selections page, confirm your selections, and then click Install.
9. On the Installation Results page, confirm that your installation of the File Services role and
required role services completed successfully, and then click Close.

Laboratory Exercise 16
Creating Share Using Windows Explorer
1. Click Start  Administrative Tool  Active Directory Users and Computers.
2. Right-click the domain (e.g. ite056y2016xx.org) and select New  Organizational Unit.
3. On the New Organization Unit dialog box, Type in COC as name of the first OU. Uncheck the
checkbox Protect Container from Accidental Deletion. Click OK.
4. Create the following OUs under the COC OU:
Users Computers Groups Shares Printers

5. On the COC Users OU, create the following OUs:

Administration Faculty Students ITAdmins
6. On the COC UsersStudents OU, create the following OUs:
CIT CAS CEA CMA
7. On the COC UsersStudents OU, right click the CIT OU and select NewUser.
8. On the New Object – User dialog box type the following information below and then click Next.
First Name: Your First Name
Last Name: Your Last Name
User Logon Name: Your First Name first letter and Last name (e.g. UDaug)
9. On the New Object – User Password dialog box, enter @dmin2016 in the Password and Confirm
Password text boxes. Deselect the User Must Change Password at Next Logon option. Click Next.
Click Finish.
10. On the COC OU, right-click the Groups OU, and select New  Group.
11. On the New Object – Group dialog box, enter BSIT 4-IT4-W as the group name.
12. Right-click the BSIT 4-IT4-W Group and select Properties.
13. On the BSIT 4-IT4-W Group Properties, Click the Members tab and click Add. Type your name and
click Check Names, then click OK. Click OK.
14. On the COCUsers OU, right click the ITAdmin OU and select NewUser.
15. On the New Object – User dialog box type the following information below and then click Next.
First Name: John
Last Name: Phillips
User Logon Name: JPhillips
16. On the New Object – User Password dialog box, enter @dmin2016 in the Password and Confirm
Password text boxes. Deselect the User Must Change Password at Next Logon option. Click Next.
Click Finish.

CAD/2016 Revision Page 3 of 5

COC-PEN
College of Information Technology

17. Right click the user name John Phillips and click Properties.
18. On the Properties Dialog box, click Member Of Tab and click Add.
19. On the Select Group Dialog Window, type domain admins in the bottom text box and click Check
Names button. Make sure Domain Admins is selected and underlined. Click OK.
20. Close Active Directory Users and Computers console.

21. Open the Windows Explorer by pressing the windows logo key + E.
22. In Windows Explorer, browse the root of C:\. In the right pane, right-click an empty area and select
NewFolder. Rename the folder by typing Students Files.
23. Right click the Students Files folder and select Properties.
24. In the Students Files Properties dialog box, select the Sharing tab, then click the Advanced Sharing
button.
25. Select Share this folder. Type Students Files.
26. Click the Permissions button. Select Everyone and check Full Control and click Apply. Click Add
button.
27. On Select Users and Groups, type Administrators and click Check Names. Make sure that the
Administrators is selected and underlined. Click OK.
28. On Permission dialog box, select Administrators and check Full Control and click Apply. Click Add
button.
29. On Select Users and Groups, type System and click Check Names. Make sure that the System is
selected and underlined. Click OK.
30. On Permission dialog box, select System and check Full Control and click Apply. Click OK.
31. On the Properties dialog box, select Security Tab and click Edit button.
32. On Permission dialog box, click Add button.
33. On Select Users and Groups dialog box, type BSIT 4-IT4-W and click Check Names button. Make sure
that the BSIT 4-IT4-W is selected and underlined. Click OK.
34. On Select Users and Groups dialog box, Domain Admins and click Check Names button. Make sure
that the Domain Admins is selected and underlined. Click OK.
35. On Permission dialog box, select BSIT 4-IT4-W and check Modify and click Apply.
36. On Permission dialog box, select Administrators and check Full Control and click Apply.
37. On Permission dialog box, select System and check Full Control and click Apply. Click OK.
38. On Permission dialog box, select Creator Owner and check Full Control and click Apply. Click OK.
39. Click OK to close the Properties dialog box.

Laboratory Exercise 17
Publishing Shared Folder in Active Directory
1. Click Start  Administrative Tool  Active Directory Users and Computers.
2. On COC OU, right-click the Shares OU and select New  Shared Folder.
3. On the New Object - Shared Folder dialog box, Type in Students Files in the Name textbox and
\\DC1\Students Files in the Network path textbox. Click OK.
4. Close Active Directory Users and Computers console.
Alternative Method
5. Click Start  Administrator Tools  Computer Management.
6. On the Computer Management, browse System Tools Shared FoldersShares. Right click the
Students Files shared folder and select properties .
7. On the properties dialog box, click Publish Tab and click the publish checkbox. Click OK.
8. Close the properties dialog box.

CAD/2016 Revision Page 4 of 5

COC-PEN
College of Information Technology

Laboratory Exercise 18
Exploring the Shared Folder
In Windows 7 Client PC:
1. Join the Windows 7 client pc to the domain using the domain admins account.
2. Log on to the windows client pc using the user account created earlier.
Note: the user name format; domain name\username
3. In the run box type \\DC1\ Students Files to browse the shared folder.
Note: Use the UNC (Universal Naming Convention) \\servername\sharename in accessing the
shared folder and correct server name.
4. Open My Network Places.
Searching for shared folder in Active Directory
5. In My Network Places Dialog box, click Search Active Directory.
6. In the Find Users, Contacts and Groups, select Shared Folders in Find Combo Box then click Find Now
button.
7. Right click the Students Files and select explore to view the shared files.

CAD/2016 Revision Page 5 of 5