How to make a file server on windows 7. File server in Windows Server

• Tutorial

Good afternoon everyone. I would like to talk about installation and configuration Windows Server 2012 R2 Essentials. This article is not a call for widespread Windows installation or promotion of Microsoft products. I would just like to tell you about an interesting product and maybe someone will be interested in this product and find it useful in their work. I tried to write the article for an unprepared reader, so there is a minimum of terminology and a maximum of generalization of some concepts.

A little about the Essentials edition

Windows Server 2012 R2 Essentials is one of the editions of the server operating system from Microsoft. However, it has many differences from the Standard and Datacenter editions. What Essentials can do:

1. Authorization and authentication of users on your network (Domain Controller Active Directory)
2. File storage (file server role)
3. Remote access to corporate network(VPN and DirectAccess server)
4. Remote access to file storage via the Web interface (configured for this IIS)
5. Remote access to desktops of client machines (Remote Desktop Gateway)
6. Backing up client machines (windows backup)
7. Backing up the server itself (windows backup)
8. Integration with cloud technologies Microsoft (Office 365, Azure backup, etc.)
9. Essentials Unified Configuration Console, which will allow you to configure the features described above even for an untrained system administrator.

To summarize, the Essentials edition has most of the Windows Server roles. Some of these roles are configured, some are fully accessible, some, like Hyper-V, have serious limitations. The trade-off for all these limitations is a lower price, 25 CALs included, and centralized and easy setup. I would also like to note that the licensing process is seriously different. You can use this edition only for organizations where the number of users does not exceed 25. But again, you do not need to purchase any client licenses.
Therefore, Essentials is very suitable for small organizations that would like to use the most modern solutions to ensure the security of a corporate network, document storage, remote access, possibly email systems. For those organizations that would not like to spend a lot of money both on the IT infrastructure itself and on the work of highly qualified system administrators.

Installation and initial setup

Installing this OS is a completely standard procedure. If you have ever installed Windows Vista/7/8/8.1, then you can install Essentials without any problems. However, if you have not installed any of the above operating systems or any of latest versions server OS, then I recommend either trusting a professional or at least a second-year student.
The only thing I would recommend during installation, if you have one hard drive, is to split it into two partitions. Those. make sure that after installation there is a second one already formatted in the system HDD. Of course, this is only a recommendation; you can prepare a second disk later, but you will have to transfer some folders.
After logging into the newly installed OS for the first time, the “Set up Windows Server Essentials” wizard will launch, which will help you initial setup.

In the first step, you need to set the date and time settings.

In the second step you need to fill in English language Company name. The domain name and server name will be generated automatically in this case, although of course you can change them.

On next step you need to fill in the administrator name and set his password.

In the last step, you need to specify the method for updating the operating system and click configure

After this, a process will start that will make all the necessary initial settings. This will take about 30 minutes and require several reboots. During this time, the OS will have time, in particular, to install the necessary roles and configure the server as a domain controller for the new domain.

Settings

The product is very large and extensive, I would like to talk about the most basic configuration options, such as creating users, setting up remote access, creating folders, connecting clients.
All configuration takes place in the monitoring panel, access to it is available from the desktop, panel quick launch and the start screen.

Creating Users

When you launch this panel for the first time, you will see the installation tab, where you can perform a number of tasks to configure the server.
I'll start by adding users. Click the link to add accounts.

Select the level of access to the shared folders that have been created. At the initial stage, there is only one - the Organization. In the future, you can change access permissions both from the user properties and from the folder properties.

Your account has been created. Click close.

You can create multiple accounts in this manner. Of course, you can use the Active Directory Users and Computers interface that is familiar and familiar to you, but in this case you will have to grant access permissions manually.

Adding server folders

To add folders, there is another wizard that will help you both create a folder on disk and general access configure it for it and issue permissions. To launch it, you need to click the corresponding link in the dashboard.

In the wizard window that opens, enter a name. You can change the location and add a description. Click next.

On the next page we indicate the required permissions. If necessary, we make it unavailable for remote access.

From the last step of this wizard, you can launch the Archiving Setup Wizard. Click close.

Setting up remote access

Probably one of the most difficult stages Windows settings Server 2012R2 Essentials. Configuration also occurs using a wizard. The wizard is traditionally launched from the dashboard.

The first thing you need to configure is your router - the wizard tells you about this. You actually need to configure port forwarding on your router. To do this, the router must have a “white” IP address. It is better to configure a static IP address on the server itself. You need to redirect the following ports 80, 443, 1723, 987 to the IP address of your server. In general, the setup procedure can be performed by the wizard himself if your router supports UPnP. I did the settings manually, so I skipped this step.

After this, a new domain name setup wizard opens. Click next.

The wizard will prompt you to enter the name of the external domain or create a new one. For your own domain you will need a certificate, so we will consider here the setup option using Microsoft domain. Select a different domain name and click next.

Let's consider the option with a Microsoft domain.

Enter the domain name and check availability, click configure.

Well, we figured out the domain name. Let's continue further.

We choose which features will be available.

Choose whether it will be available remote access for current users.

Well, that’s all, you can try going to wiseguy.remoteweaccess.com.

From this website it is possible to access shared folders and access to user desktops.

Connecting workstations

If we open the monitoring panel this time and go to the computer connection page, we will see only instructions for action there

Following the instructions on the client in the browser, open the page http://<Имя сервера>/connect. Click the download link.

We choose to execute.

We accept the license and wait.

Enter the username and user password of this computer or administrator. I entered the user account.

Reboot the server.

We choose who will use the computer.

Enter a description of the computer.

Archiving options.

Hooray! Ready.

We go to the computer under account user.

You can work. The desktop already has all the necessary shortcuts.

Post scriptum

Of course, Windows Server 2012R2 Essentials is not a panacea. Much of it is automated, but not everything. However, for small organizations, this is quite interesting solution and it needs to be considered. In this article I talked only about the most basic settings Essentials. If you would like to get to know the product a little closer, you can watch my video reports on the website Techdays.ru.

Windows Server 2012 R2 Essentials first look: www.techdays.ru/videos/7351.html - here you can carefully study the Essentials installation process.

Windows Server 2012 R2 Essentials configuration: www.techdays.ru/videos/7370.html - configuration of all features is discussed, setting up remote access for your domain is shown.

Windows Server 2012 R2 Essentials Office 365 integration: www.techdays.ru/videos/7380.html - integration with cloud office from Microsoft.

This article shows how CAFS resources can be used to improve the availability and flexibility of existing infrastructure elements. CAFS technology provides higher availability of file resources general purpose, and also allows server applications, such as SQL Server and Hyper-V, store your data on file shares with high level availability, providing new options for storing mission-critical application data

Continuously Available File Shares (CAFS) are new technology introduced in Windows Server 2012. At a basic level, CAFS technology in Server 2012 extends Windows features file sharing using Server 2012 cluster technology. CAFS engines take advantage of new features in the Server Message Block (SMB) 3.0 protocol that improve the availability of Windows Server system shares used to store documents and support applications. New features in SMB 3.0 that leverage CAFS resources include SMB Scale-Out, SMB Direct, and SMB Multichannel.

CAFS technology is designed to solve problems encountered in earlier versions of high-availability file servers built on Windows Server failover clusters. Previous versions provided high availability of shared resources, but were susceptible to outages and short-term loss of connections when a node failed. Such short-term failures are usually acceptable in office applications (for example, Microsoft Office) frequently perform file open and close operations because these applications may reconnect to the resource and save changes after a failover. However, such failures are unacceptable in applications such as Hyper-V or SQL Server that keep files open for long periods of time. In such schemes, a failure can result in data loss. Before the appearance Server systems 2012 Microsoft company did not support installing Hyper-V or SQL Server on shares. Providing application support was one of Microsoft's main goals when developing CAFS technology. Although you can use CAFS mechanisms simply to provide client access to shared resources, the real purpose of this technology is to support server applications. CAFS technology enables mission-critical applications to take advantage of Windows Server's low-cost storage mechanisms. CAFS technology provides continuous access to shared resources, reducing downtime to virtually zero.

Choose a solution

There are two approaches to creating a CAFS resource.

• General purpose file server. This is very similar to the highly available file server support in Windows Server 2008 R2, the most common file server implementation of CAFS technology, which provides support for hosting shares on a failover cluster. CAFS technology improves the availability and performance of this scheme, thanks to the new high-performance SMB 3.0 client access mechanism.
• Scalable file server. Implementing a scalable file server is new opportunity CAFS technology designed to support applications such as Hyper-V and SQL Server without downtime. This implementation is limited to four servers.

An overview of the CAFS architecture is shown in the figure.

Drawing. CAFS architecture

One of the key technologies that makes the use of CAFS resources possible is Server 2012's support for SMB Transparent Failover mechanisms. SMB Transparent Failover mechanisms allow file server services to failover to a backup cluster node, allowing applications that have open files on a file server, they will not notice any interruptions in connections. CAFS technology ensures zero application downtime during both planned maintenance and unplanned failures.

Compliance with the requirements

Because CAFS technology uses the SMB 3.0 mechanisms of Server 2012, running the Server 2012 operating system is a requirement. The technology is supported in both editions, Server 2012 Standard and Server 2012 Datacenter. Essentials or Foundation editions do not support CAFS technology.

Additionally, to use CAFS technology, you must have a Server 2012 failover cluster. This means that you must have a Server 2012 cluster configured with at least two nodes. Fault-tolerant servers 2012 supports up to 64 nodes. you can find step by step instructions on setting up a failover cluster, see my article “Windows Server 2012: Building a Two-Node Failover Cluster” (published in Windows IT Pro/RE No. 2012).

In addition to the actual presence of the cluster, the file server role must be installed on each node. The clustered file server must have one or more file shares configured with the new option enabled to ensure that the resource is always available. Next, I'll go into detail about creating and configuring always-on shared folders.

In a two-node failover cluster, the clustered storage must have at least two different LUNs configured. Stored on one volume shared files. This volume must be configured as a shared volume cluster cluster shared volume (CSV). Another volume will act as a witness disk. Most solutions use more volumes.

It is also recommended to configure the network so that there are multiple paths between nodes. Thanks to this topology, the network ceases to be the only point of failure. Using a join network adapters and/or redundant routers allows you to increase the level of fault tolerance of your network.

Finally, to take advantage of the new SMB Transparent Failover mechanism, computers running an SMB client must be running Windows 8 or Server 2012. When an SMB 3.0 client connects to a CAFS resource, it notifies the cluster witness service. The cluster assigns a node to be a witness for of this connection. The witness node is responsible for switching the client to a new host server if the service stops, without forcing the client to wait for the TCP response time to pass.

Creating General Purpose CAFS Resources

To configure a CAFS resource, open the Failover Cluster Manager wizard on any of the cluster nodes. Then click on the Roles node in the navigation pane. As Figure 1 shows, the Roles window displays your installed roles.

Screen 1: Failover Cluster Manager Wizard

A cluster can support multiple roles and provides high availability for each of them. On Screen 1 we see the configured virtual machine with a high level of availability. To create a new general purpose CAFS resource, click the Configure Role... link marked in the Actions window. The High Availability Wizard, shown in Figure 2, launches.

The File Server Type dialog box allows you to select whether you want to create a file server for general use or a Scale-Out File Server for application data. The "general purpose" role can be used to configure both shared folders based on the mechanism Windows SMB, and NFS-based shared folders. General purpose CAFS resources also support data deduplication, DFS replication, and data encryption. Click Next to continue creating the general purpose CAFS resource. The Client Access Point dialog box appears, as Figure 4 shows.

Screen 4: Client Access Point Window

To create a new general purpose CAFS resource, you must specify a server name that clients will use when accessing the CAFS resource. This name will be registered in DNS, and clients will specify it in the same way as the server name. In addition, a general purpose CAFS resource also requires an IP address. In Figure 4, I named the service CAFS-Gen (for a general purpose CFAS resource) and a static IP address of 192.168.100.177. Clicking Next will allow you to select cluster storage for the CAFS resource.

The Select Storage dialog box, which Figure 5 shows, allows you to select storage for your general purpose CAFS resource.

Screen 5: Select Storage Window

The storage must be accessible to cluster services. In other words, it must be in the list of cluster storage nodes and must be marked as available storage. You cannot use pre-assigned CSV Cluster Shared Volumes to create a general purpose CAFS resource. IN in this example I could use three various disk, and chose Cluster Disk 5 because I initially prepared this storage to host a CAFS resource (Screen 5). However, you can select any of the available disks in the cluster. Clicking Next will take you to the Confirmation screen. Here you can confirm your settings or return to the High Availability Wizard dialogs and make changes. If you are happy with all the settings, click the Next button on the Confirmation screen and navigate to the Configure High Availability window, which displays the progress of configuring the CAFS resource. Once setup is complete, you will see the Summary screen. Clicking the Finish button on the Summary screen will close the High Availability Wizard and return you to the Failover Cluster Manager window, which Figure 6 shows.

After creating a CAFS role, the next step is to create an always-available shared file folder using this role. Figure 6 shows that the CAFS-Gen role is actively running and using the File Server role. To add a new permanently accessible file share, select the Add File Share link in the window you see on the right side of Screen 6. You will see the Task Progress dialog box, which displays the process of retrieving information from the server. Immediately upon completion, the New Share Wizard dialog box that you see in Figure 7 will appear on your screen.

Figure 7: New Share Wizard Window

The first thing the New Share Wizard will ask is what type of CAFS share you want to create. You can select one of two types of CAFS resource: SMB or NFS. SMB Share-Quick mode enables the creation of a general purpose CAFS resource. SMB Share-Applications mode is responsible for creating a highly reliable application share for systems such as Hyper-V or SQL Server. I discuss creating scalable CAFS resources for applications below. To create a general purpose CAFS resource, select SMB Share-Quick mode and click Next. The New Share Wizard displays the Share Location dialog box, which Figure 8 shows.

Figure 8: Share Location Window

The CAFS role name appears in the Server Name field. In Screen 8 we see the name of the CAFS-Gen role that I created earlier and its status is online. You can choose to host the share using the fields at the bottom of the screen. In this example, the G drive was selected by default (Screen 8). If you want to use a different drive, you can enter an alternative path in the Type a custom path field located at the bottom of the screen. In this example, I leave the default G drive and click Next to go to the Share Name dialog box, which Figure 9 shows.

Screen 9: Share Name

The Share Name dialog box allows you to enter a name for the file share. For simplicity, I used the same name for the CAFS resource as the service, CAFS-Gen (Figure 9), but this is not necessary. You can give the shared folder any valid SMB name. In the center of the screen we see the local and remote paths to the CAFS resource. The local path in this example is G:\Shares\CAFS-Gen. Network systems will access the shared folder along the path \\CAFS-gen\CAFS-Gen. Clicking Next opens the Configure share dialog box, which Figure 10 shows.

Figure 10: Share Configuration Window

The Configure share dialog box allows you to control how the server processes the resource. To make a file resource continuously available, you need to set the Enable continuous availability flag. This option is enabled by default. The Enable access-based enumeration setting controls whether non-privileged users can view files and folders. This option is disabled by default. The Allow caching of share parameter allows offline users to access the resource using BranchCache technology. Finally, the Encrypt data access option allows you to secure remote access to files by encrypting data sent to and retrieved from the resource. This option is disabled by default. Clicking Next opens the Permissions dialog box, which Figure 11 shows.

Figure 11: Assigning Permissions to the Share

By default, a CAFS resource is created with Full Control privileges granted to the Everyone group. In most solutions, you will likely want to change the permissions setting. In this example, I accept the default permissions. Clicking Next will take you to the Confirmation dialog box, where you can view a summary of the actions you performed on previous New Share Wizard screens. You can click the Previous button to return to these screens and change any settings. Clicking the Create button in the Confirmations dialog box will create the CAFS resource and configure permissions for the shared folder. Once the CAFS resource is created, we can access it like any file share. Figure 12 shows how to connect to a share by typing Windows Explorer server and shared folder names – \\cafs-gen\CAFS-Gen.

You can now populate the shared folder with documents and other types of files that can be used more efficiently thanks to the high availability of CAFS resources.

Creating Scalable CAFS Resources

The primary purpose of CAFS resources is to provide high availability to applications that store data in file shares. In the past, Microsoft has not provided this type of support for applications like SQL Server that store their databases on file shares. This changed with the release of Server 2012, which supports CAFS technology. Configuring scalable CAFS resources is different from configuring general purpose CAFS resources. However, the same High Availability Wizard is used to create a scalable solution. To create a new CAFS resource to support scale-out applications, select the Configure Role... link in the Actions window of the Failover Cluster Manager snap-in (Figure 1). Next, in the Select Role dialog box, select the File Server role (see Figure 2). These two steps are the same as when creating a general purpose CAFS resource. However, as Figure 13 shows, you must select Scale-Out File Server for application data in the File Server Type dialog box.

The Client Access Point dialog box allows you to specify a name for the CAFS role. I named the CAFS scale-out resource CAFS-Apps (Figure 14). This is the server name that client applications use when accessing the shared resource. Clicking Next will take you to the Confirmation screen, where you can confirm your selections or return to the High Availability Wizard windows and make changes. If everything is correct, click the Next button on the Confirmation screen to go to the Configure High Availability dialog box, which displays the progress of configuring the CAFS resource. Once the setup process is complete, you will see the Summary screen. Clicking the Finish button on the Summary screen will close the High Availability Wizard and return you to the Failover Cluster Manager snap-in.

The next step is to add a file share to the scale-out application CAFS server. To create a new file share for the CAFS role, select the Add File Share link from the Actions window, similar to creating a general purpose file folder in Figure 6. Click the Add File Share link for the CAFS scale-out share to launch the New Share Wizard shown on screen 15.

To create a scale-out CAFS share from the Select Profile dialog box, highlight the SMB Share-Applications profile in the File share profile list, and then click Next to go to the Share Location dialog box, which Figure 16 shows.

The Server field at the top of the dialog box displays the two CAFS file servers you created earlier. To add a CAFS resource to a scale-out application file server, select the CAFS-APPS file server with the description Scale-Out File Server in the Cluster Role column. After that, select the CSV volume on which you want to create the CAFS share. In this example, two created cluster shares are available. I selected volume C:\ClusterStorage\Volume1 as the location for the new CAFS resource. If you wish, you can manually enter the path to another CSV volume as well. After selecting the CSV volume, click Next to go to the Share Name screen, shown in Figure 17.

The Share Name dialog box allows you to assign a name to the file share. I named the CAFS resource for scalable applications HyperV-CAFS (Figure 17). In the center of the screen we see the local and remote paths to the CAFS resource. The local path in this example is C:\ClusterStorage\Volume1\Shares\HyperV-CAFS. Remote access to the shared folder will be made using the network name \\cafs-apps\HyperV-CAFS. Click Next to go to the Configure dialog box, see Figure 18.

When creating a scalable CAFS resource, the Enable continuous availability flag is set by default.

The Enable access-based enumeration and Allow caching of share options are disabled and you cannot select them. The only additional option you can select is Encrypt data access. I left the default settings unchanged (Screen 18). Click Next to go to the Specify permissions to control access dialog box, which Figure 19 shows.

Like a general-purpose CAFS resource, a scale-out CAFS resource is created with Full Control privileges granted to the Everyone group—and these are the permissions you will likely want to change. I accepted the default privileges and clicked Next, which opens a Confirmation dialog where you can view a summary of previous actions dialog boxes New Share Wizard. You can click the Previous button to go back and change any of the settings. Clicking the Create button in the Confirmations window will create the CAFS scale-out resource and configure the specified permissions. Once the resource is created, you can connect to it locally using the path C:\ClusterStorage\Volume1\Shares\HyperV-CAFS, or remotely using the path \\cafs-apps\HyperV-CAFS. The new CAFS share is now visible at the CSV volume mount point (Screen 20).

Figure 20: New CAFS resource

Now you can fill the resource virtual machines Hyper-V SQL data Server, as well as log files and other types of application data.

Improving File Availability

In this article, I showed how CAFS resources can be used to improve the availability and flexibility of existing infrastructure elements. CAFS technology provides higher availability for general-purpose file shares and also allows server applications such as SQL Server and Hyper-V to store their data on highly available file shares, providing new capabilities for storing mission-critical application data.

Files are the piece of information that is most frequently used by the average office worker. One way or another, we read, modify, copy and exchange a lot of files during the working day. Without proper organization of the storage structure and file management, within a week a small office network can turn into a big file dump. Using file servers will help avoid this. We have already talked about organizing file storage based on the product. In this article we will talk about based Microsoft Windows Server.

Windows Server 2016 allows you to use the file server not only for users, but also for other services and applications. You can configure file services to solve problems such as:

1. Organizing shared folders for users
2. Storing user profiles
3. Organizing a shared resource for Hyper-V servers
4. Organizing database storage for SQL Server
5. Creating a shared file space for applications (for example, Citrix PVS, Microsoft IIS, etc.)
6. Other scenarios.

A clear understanding of the task gives an idea of ​​the requirements for fault tolerance, performance, throughput, access control, and encryption. And after that, you can begin planning the architecture and further configuring the necessary services.

In a production environment, the most common requirement is to use a fault-tolerant file service. The disadvantage of using Windows Server Failover Cluster is that the cluster operates in Active-Passive mode. Starting with Windows Server 2012, you can use the Scale Out File Server, which can operate in Active-Active mode with read caching, increasing overall file service performance and throughput. However, it also has a number of disadvantages and limitations. For example, Scale Out File Server is not well suited for file storage scenarios where metadata changes frequently. Therefore, the main tasks of its use are Hyper-V, SQL Server, a library of images with rare changes and a small number of accessing users. A complete list of supported Windows Server 2016 storage technologies for both types of clusters can be found at.

By using the latest versions of Windows Server, you also get the benefits of SMB3.0 technology. Among its features:

• SMB Transparent Failover. Allows you to transparently failover to another node in a failover cluster.
• SMB Multichannel. Allows you to increase throughput and fault tolerance by creating multiple transmission channels and aggregating several network cards for the SMB protocol.

However, you must remember that to get the effect, this technology must be supported by both the server and the client. Therefore, it is necessary to update the operating systems of not only the servers, but also the workstations that will access them. SMB 3.0 technology is supported starting from operating systems Windows 8 and Windows Server 2012. If you have a problem updating servers or workstations running Windows OS, our specialists are always ready to help you.

As our company's many years of experience show, the most common case of using file services is to build a fault-tolerant file resource for storing users' public folders and hosting redirected personal user folders from local profiles. Regardless of the choice of solution architecture, to create such a resource you will need a shared volume accessible to both cluster nodes. It can be placed on hardware or software storage systems. If you purchased Windows edition Server 2016 Datacenter, then you may consider using Storage Spaces Direct or similar products from other vendors, including Datacore SANSymphony, Dell EMC ScaleIO, Starwind Virtual SAN. The last of the listed products can be considered for a budget option and testing. This option is becoming more attractive due to recent changes in the product distribution policy. The developers have removed restrictions on functions and number of nodes for their free version, while removing GUI management and technical support. True, there is a 30-day testing period with all functionality included.

Since there are many articles on the Internet with step-by-step setup fault-tolerant file cluster based on Windows Server OS, we will not provide specific instructions, but will focus only on certain, in our opinion, useful nuances:

1. Even at the planning stage, it is necessary to develop a folder structure according to your needs. Most often, it will be individual for each company. When planning, it is advisable to adhere to the rule “Security settings are distributed only to the root folder of the shared resource”
2. One of useful functions is deduplication. In the scenario of storing user data, significant savings in disk space can be achieved. This is confirmed by testing, one of which can be found in this. We recommend using it.
3. Do you need to provide access for *nix systems? To do this, you need to raise the NFS server role.
4. If you plan to connect branches to resources via WAN links, you can configure the BranchCache service for network files. It allows you not to re-download once downloaded data to a remote site.
5. If this does not contradict security policies, then you can use your lightweight corporate “OneDrive” - the Work Folders service. This will allow you to synchronize files between the server and several working devices.
6. DFS Namespace - Allows the user to see only those folders that they have access to. You can display shares from different file servers in the same namespace. You can also deploy the role in failover cluster mode. It is also convenient because when you change the actual location of the files, you just need to replace the path to the resource in the DFS Namespace settings instead of reconfiguring a certain (sometimes very large) number of client PCs.
7. Instead of assigning multiple network drives, it is now possible and convenient to add just the root of the DFS space as the home folder. And inside there will already be the necessary folders.
8. We recommend installing File Server Resource Manager. Reporting and alerts are very helpful in administration.
9. We also recommend that you enable file access auditing to know who deleted or modified a file. If the standard functionality is not enough, you can use paid solutions, for example: Condusiv Undelete Server or Netwrix Auditor for Windows File Servers.
10. It is quite enough to set up an alert about the end of free disk space. If more stringent restrictions are needed, quotas can be used. This often complicates both setup and further administration.
11. Using file masks to limit the type of files stored has the same effect. It can be easily avoided by renaming the extension. However, it works well in the case of organizing foolproof protection.
12. For the SMB Transparent Failover feature to work, you must specify the Continuous Availability attribute when creating a shared folder.
13. For each directory with different access a security group is created in Active Directory. All changes are made only to the Active Directory group and do not result in reassignment of NTFS permissions for each file and folder in the directory. This way, access to the file share simply changes the next time the user logs in. It is also possible to use group policies For automatic change access rights.
14. It is very important to use an object naming policy that will allow you to clearly determine its purpose by name. For example, SF-Finance-RW (Share Folder-Finance-ReadWrite - an access group with write permission to the Finance shared folder).
15. Aerobatics is the use of dynamic access control, when access to a file resource is granted subject to all values ​​of the tags of the user, device and the folder or file itself. In this case, tags are created in advance and can be assigned to files and folders either manually or automatically. The access policies and tags themselves are created in Active Directory. This solution adds greater flexibility when creating access policies and can take into account various object attributes, such as the user's country and department, whether a corporate computer is used for access, and time of day. This is a theory. In practice, our company’s specialists have never encountered such solutions.
16. But in practice, enabling the functionality of storing multiple previous versions documents based on the shadow copy service. In this case, users will be able to restore old versions of files themselves. Features and setup instructions can be read here.
17. But remember that none of the above eliminates the need to have a system Reserve copy! I love it. Microsoft DPM, Veeam Backup and Replication, Veritas Backup Exec, Handy Backup. Windows Image Backup and Cobian Backup are free.

To summarize, we can say that file services are not as simple as many people think, and their proper design and operation is the key to productive and secure work for users and corporate applications!

If you are in doubt about the correct configuration of your file services, our specialists are ready to audit your system and provide recommendations based on the best practices and extensive experience of the company, as well as implement a solution,

There are no similar articles.

In my opinion, this is a very excellent topic to write about. At one time it was interesting to set up some kind of server on your computer for more convenient file sharing. Having tried different ones and even the protocol, I realized that I don’t like them at all, the first ones look, to put it mildly, poorly in the browser, the second ones, although they have their obvious advantages, but connecting network drive I don’t want it on other people’s computers. But one (beautiful and sunny) day I came across a program called HTTP File Server (HFS for short), installed it, configured it (since I started working with the cleanest version, there were some problems with it) and almost fell in love with this program. To access my files, it is now enough to have any browser, since all access is carried out through a regular web page. I also created a folder into which a person who knows the password can add a file directly through the browser. Files from the server can be downloaded either one at a time or in folders at once. The program itself will place the folder in a .tar archive without compression and send it for downloading. At the same time, the site has a rather neat appearance, although if you wish (and have sufficient knowledge), you can write a site template yourself. Admit that this is a great way to transfer files easily and conveniently?

And here is an example of the page that you will see in the browser window, as you can see everything is beautiful and neat; you can find many beautiful templates on the program forum:

Although her menu is entirely in English, this is not a hindrance for me. And for those who do not know English well, at the end of the article I will try to explain as fully as possible what all sections of the menu are responsible for and how to use them.

So, let's move on to installing and configuring HTTP File Server:

1) To save you some time, I prepared an HFS assembly with a Russian-language website template and made the initial setup of the program itself. You can download the assembly from my Yandex.Disk using the link. If you are confident in your abilities, then you can download a clean version of the program on the official website http://www.rejetto.com/hfs/

That's all. I hope you found this article useful, click one of the buttons below to tell your friends about it. Also subscribe to site updates by entering your e-mail in the field on the right.

Thank you for your attention:)

How to transfer any files on the Internet and local network?

How to find out when files were taken from the server?

Transferring a file using a password and login?

You will find the answer to all these questions and others related to files and information transfer in this article.

1. HFS ~ Http File Server is the most advanced file server because it is so easy to use that a child can handle it. And to the extent that they tried to write its code, it is not demanding on the resources of a computer device, which allows its installation and further use on almost any computer. Distinctive feature This server is that it works according to a protocol different from all similar servers; data transfer is carried out according to the HTTP protocol for viewing Internet sites and not like FTP. Such a server will be useful in a small organization, although it will not hurt in a large one, but in large companies there are specialized servers that perform other server functions. But if you deploy it, it will take out any company, but from the IT side it is not convenient because it only plays the role of a file server and several others, but this is not about that. It will also be useful for home use, storing photos, videos and other files of, say, one family. At any time, any family member can connect, which will not be a problem, go in and view any file or upload it to the server. You can log into the server from any device, since currently there is no device that does not support the HTTP protocol. If only washing machine and she supports it!

How to install a file server, configure and work in it?

2. Installation is simple and does not require additional knowledge. More precisely, it is not there at all; we will put the downloaded hfs.exe file in any folder of your choice. I put a folder on the C:\hfs drive that I created myself and called it, for convenience and later on, the abbreviated name of the server itself. Having launched the downloaded Hfs.exe file, which was hidden along the path described above, by double-clicking on it with the mouse, you will be greeted by a server window with the determined IP address of your computer, the local address (gray). Actually, it will act when there is a request to the file server. If you click on “Open in Browser”, a page with our server will open, as in picture 2.
3. Picture 2.) A running file server in the browser, as other users see it.

How to put or upload files to the server?

4. First we need to create a folder into which we will add files. You can make as many folders as you like. Click "Menu" as shown in the picture below. Select "Add Folder From disk" from the context menu:
5. Next, a window will open in which we select the location where we will create the folder, click on the “create folder” button. Click "OK"
6. A not entirely clear question will follow about what folder you want to create. Virtual small or real big. Personally, I didn’t quite understand what the author who created had this server, I have many versions of what this could mean. I didn’t bother to figure it out and created a real big daddy. Something like this is what I chose “Real Folder”:
7. The folder has been created and you can see an example of it in the picture, under numbers 1-2 below. Number 3. All information about the file server will be displayed here, what commands and actions were performed, who visited. Let there be a log, all information and all addresses will be recorded, who when, where, what they did on the file server:
8. We have set up a file server with file storage and now it’s time to see how it works. If your device from which you want to access the file server is connected to the same WiFi or the same router as the server itself. Then open any browser in which you surf the Internet and type the IP address under which you have a file server, right in the address bar where you usually type the site address. Not to be confused with address bar search engines. Press ENTER after entering the address and you will be taken to the file server directly in the browser, which is very convenient; you do not need to install clients like for other file servers that operate on the FTP or SFTP protocol.

How to access a file server from the Internet while at work or visiting?

9. Login to a file server via the Internet while being in a place other than yours local network It’s very simple and there’s even a test for this in the server itself to test the settings. First, you need the two most necessary options without which you cannot do this. 1.) This is a Static white IP address for recognition of your server on the Internet. If you don’t have a static IP, you can set up DDNS and there’s an article on this ““. 2.) Forward port 80 on your router, which is also not difficult. There is also a tutorial on port forwarding "". Once you have done this, you can test all the settings by running the test from the server itself:
10. The progress bar will show how far the test of the settings has been completed or passed and your server is accessible from the Internet:
11. I do not have a dedicated “IP” and therefore my test failed, with the message that the ports on the router are closed, namely port 80.
12. If you have a dedicated address that can be obtained in several ways, believe me, there are a lot of them and port forwarding is done, which is also not difficult in the router settings. Everything will work like clockwork. On the local network, the server is already ready to distribute files to everyone. This can be done in the office, or at home, transfer files to another computer in place of a flash drive, without running around floors or offices, from your phone or computer.

So how do you upload files to the server?

13. We open our created folder for the server in Windows Explorer and copy the files necessary for everyone to see there. I created in the folder text file and wrote in it Hello!!! We close the folder and in the main server window click on “Open in Browser”, as we did in the very first example. Now a page with the file has opened in the browser.
14. 1. Your folders will be displayed in this section.
15. 2. By clicking on the folder in the first section, the files in the folder will be shown here. By clicking on the file with the mouse, you will open it (if the file is a text file, you can read the contents directly in the browser).
16. 3. You can download the file by clicking on the "Archive" button

How to prohibit or limit the number of people who can access the server?

17. We taught our server to show files and folders, but anyone can access them if they know the IP address. You can create multiple folders with different passwords for different people or circles of people. Again, the main window of the file server is the same as the first time, since all settings take place only on the server itself. This is done for security purposes. Cry right click mouse over a folder that we restrict access to for others and that not everyone will have access to. IN context menu select "Set user/pass..":
18. A very familiar window with login and password information, these are used in many places. We write a login at your discretion and a password also at your discretion, and a second time the password, confirm the password again. "OK."
19. As in the above examples, in which we went to the file server to view files through a browser. So in this too, we also type the IP address of your file server (let me remind you that you can view it in the main window of the server). I should have added it to my bookmarks a long time ago so I don’t have to bring it up every time. As soon as you go to the server, you will not see a site with files from your file server. Because there is a restriction on the folder for logging in and viewing, downloading and uploading. You will be asked to enter your username and password in a fairly familiar window:
20. If everything is entered correctly, the system will let you through after checking the data and you will see your files. This server, nicer than just “FTP”, is easy to use and you can view the operations of users who have logged into the server from the main window. Even a child can cope with setting up and further administering the server, as I wrote above, having seen for themselves from the article. Suitable both at home and in the office. I need to transfer the file to a friend, please put it in the server folder. They copied and sent the server address, let them take it. It’s very simple: you have a folder on your computer from which others can take files or, on the contrary, add them. You have something like your own cloud on your computer only on the HTTP protocol, no need to install additional clients to download or upload files as they do using the FTP protocol! When you access the server through a browser, everything looks like your own website, like something like a website with software programs. A really worthwhile server, and while I was writing the article I thought about the idea of ​​creating, or rather attaching a server to this site, making a section as before for downloading programs.

Skins for file server:

1. Can change appearance file server. What is the admin part and what is for users. Quite nice skins are posted by users. True, English versions can be found on the forum. You can download the skin I have already downloaded from Yandex disk. It looks like this: