Chapter 11. Managing File Systems and Drives

A hard disk drive is the most common storage device used on network workstations and servers. Users depend on hard disk drives to store their word-processing documents, spreadsheets, and other types of data. Drives are organized into file systems that users can access either locally or remotely as follows:

  • Local file systems. Installed on a user’s computer and don’t require remote network connections to access. An example of a local file system is the C drive available on most workstations and servers. You access the C drive using the file path C:\.

  • Remote file systems. Accessed, on the other hand, through a network connection to a remote resource. You can connect to a remote file system using the Map Network Drive feature of Windows Explorer.

Wherever disk resources are located, it’s your job as a system administrator to manage them. The tools and techniques you use to manage file systems and drives are discussed in this chapter. Chapter 12 looks at volume sets and fault tolerance. Chapter 13 tells you how to manage files and directories.

Adding Hard Disk Drives

Before you make a hard disk drive available to users, you’ll need to configure it and consider the way it’ll be used. Microsoft Windows Server 2003 makes it possible to configure hard disk drives in a variety of ways. The technique you choose depends primarily on the type of data you’re working with and the needs of your network environment. For general user data stored on workstations, you might want to configure individual drives as stand-alone storage devices. In that case, user data is stored on a workstation’s hard disk drive, where it can be accessed and stored locally.

Although storing data on a single drive is convenient, it isn’t the most reliable way to store data. To improve reliability and performance, you might want a set of drives to work together. Windows Server 2003 supports drive sets and arrays using redundant array of independent disks (RAID) technology, which is built into the operating system.

Physical Drives

Whether you use individual drives or drive sets, you’ll need physical drives. Physical drives are the actual hardware devices that are used to store data. The amount of data a drive can store depends on its size and whether it uses compression. Typical drives have capacities of 20 gigabytes (GB) to 300 GB. Many drive types are available for use with Windows Server 2003, including Small Computer Systems Interface (SCSI), Ultra SCSI, Parallel ATA (PATA), and Serial ATA (SATA).

The terms SCSI, Ultra SCSI, PATA, and SATA designate the interface type used by the hard disk drives. This interface is used to communicate with a drive controller. SCSI drives use SCSI controllers, Ultra SCSI drives use Ultra SCSI controllers, and so on. When setting up a new server, you should give considerable thought to the drive configuration. Start by choosing drives or storage systems that provide the appropriate level of performance. There really is a substantial difference in speed and performance among various drive specifications.

You should consider not only the capacity of the drive but also its:

  • Rotational speed. A measurement of how fast the disk spins

  • Average seek time. A measurement of how long it takes to seek between disk tracks during sequential input/output (I/O) operations

Generally speaking, when comparing drives that conform to the same specification, such as Ultra320 SCSI or SATA II, the higher the rotational speed (measured in thousands of rotations per minute) and the lower the average seek time (measured in milliseconds), the better. As an example, a drive with a rotational speed of 15,000 RPM will give you 45 percent to 50 percent more I/O per second than the average 10,000 RPM drive, all other things being equal. A drive with a seek time of 3.5 msec will give you a 25 percent to 30 percent response time improvement over a drive with a seek time of 4.7 msec.

Other factors to consider include:

  • Maximum sustained data transfer rate. A measurement of how much data the drive can continuously transfer

  • Mean time to failure (MTTF). A measurement of how many hours of operation you can expect to get from the drive before it fails

  • Nonoperational temperatures. Measurements of the temperatures at which the drive fails

Most drives of comparable quality will have similar transfer rates and MTTF. For example, if you compare Ultra320 SCSI drives with a 15,000 RPM rotational speed, you will probably find similar transfer rates and MTTF. As an example, the Maxtor Atlas 15K II has a maximum sustained data transfer rate of up to 98 megabytes per second (MBps). The Seagate Cheetah 15K.4 has a maximum sustained data transfer rate of up to 96 MBps. Both have an MTTF of 1.4 million hours. Transfer rates can also be expressed in gigabits per second (Gbps). A rate of 1.5 Gbps is equivalent to a data rate of 188 MBps, and 3.0 Gbps is equivalent to 375 MBps. Sometimes you’ll see a maximum external transfer rate (per the specification to which the drive complies) and an average sustained transfer rate. The average sustained transfer rate is the most important factor. The Seagate Barracuda 7200 SATA II drive has a rotational speed of 7,200 RPM and an average sustained transfer rate of 58 MBps. With an average seek time of 8.5 msec and an MTTF of 1 million hours, the drive performs comparably to other 7,200 RPM SATA II drives. However, most Ultra320 SCSI drives perform better.

Temperature is another important factor to consider when you’re selecting a drive—but it’s a factor few administrators take into account. Typically, the faster a drive rotates, the hotter it will run. This is not always the case, but it is certainly something you should consider when making your choice. For example, 15K drives tend to run hot, and you must be sure to carefully regulate temperature. Both the Maxtor Atlas 15K II and the Seagate Cheetah 15K.4 can become nonoperational at temperatures of 70°C or higher (as would most other drives).

Preparing a Drive for Use

After you install a drive, you’ll need to configure it for use. You configure the drive by partitioning it and creating file systems in the partitions, as needed. A partition is a section of a physical drive that functions as if it were a separate unit. After you create a partition, you can create a file system in the partition.

Two partition styles are used for disks: Master Boot Record (MBR) and globally unique identifier (GUID) Partition Table (GPT). x86-based computers use the MBR partition style. MBR contains a partition table that describes where the partitions are located on the disk. With this partition style, the first sector on a hard disk contains the master boot record and a binary code file called the master boot code that’s used to boot the system. This sector is unpartitioned and hidden from view to protect the system.

With the MBR partitioning style, disks support volumes of up to 4 terabytes and use one of two types of partitions—primary and extended. Each MBR drive can have up to four primary partitions or three primary partitions and one extended partition. Primary partitions are drive sections that you can access directly for file storage. You make a primary partition accessible to users by creating a file system on it. Unlike primary partitions, you can’t access extended partitions directly. Instead, you can configure extended partitions with one or more logical drives that are used to store files. Being able to divide extended partitions into logical drives allows you to divide a physical drive into more than four sections.

Itanium-based computers running 64-bit versions of Windows use the GPT partition style. The key difference between the GPT partition style and the MBR partition style has to do with how partition data is stored. With GPT, critical partition data is stored in the individual partitions and there are redundant primary and backup partition tables for improved structure integrity. Additionally, GPT disks support volumes of up to 18 exabytes and up to 128 partitions. Although there are underlying differences between the GPT and MBR partitioning styles, most disk-related tasks are performed in the same way.

Using Disk Management

You’ll use the Disk Management snap-in for the Microsoft Management Console (MMC) to configure drives. Disk Management makes it easy to work with the internal and external drives on a local or remote system. Disk Management is included as part of the Computer Management console and can also be added to custom MMCs.

Windows Server 2003 R2 includes two additional consoles for working with disks and file systems: File Server Management and File Server Resource Management. File Server Management includes an extended form of the Disk Management snap-in called the Disk And Volume Management snap-in. The Disk And Volume Management snap-in includes Storage Manager for storage area networks (SANs), a component that uses the Virtual Disk Service (VDS) and VDS hardware providers installed on a computer to configure SANs.

To start Disk Management and connect to a local or remote system in Computer Management, follow these steps:

  1. Run Computer Management by going to Start, selecting Programs or All Programs as appropriate, then Administrative Tools, and then Computer Management.

  2. You’re automatically connected to the local computer on which you’re running Computer Management. To manage hard disk drives on another computer, right-click the Computer Management (Local) entry in the console tree and select Connect To Another Computer on the shortcut menu. You can now choose the system whose drives you want to manage.

  3. In Computer Management, expand Storage and then select Disk Management. You can now manage the drives on the local or remote system.

Tip

If you receive an error message from the Logical Disk Manager, read the message and click OK. A failed connection to the Logical Disk Manager Service usually means that this service or the related administrative service isn’t started on the local or remote system. If necessary, start Logical Disk Manager and Logical Disk Manager Administrative Service as described in the section entitled "Starting, Stopping, and Pausing Services" in Chapter 3. Network policies and trusts can affect your ability to administer computers remotely as well.

The steps for accessing Disk Management in File Server Management are similar. Regardless of whether you are using Computer Management or File Server Management, Disk Management has three views: Disk List, Graphical View, and Volume List. With remote systems, you’re limited in the tasks you can perform with Disk Management. Remote management tasks you can perform include viewing drive details, changing drive letters and paths, and converting disk types. With removable media drives, you can also eject media remotely. To perform more advanced manipulation of remote drives, you can use the DISKPART command-line utility as discussed in Chapter 8Chapter 10 of the Microsoft Windows Command-Line Administrator’s Pocket Consultant (Microsoft Press, 2004).

Note

Before you work with Disk Management, you should know several things. If you create a partition but don’t format it, the partition will be labeled as Free Space. If you haven’t assigned a portion of the disk to a partition, this section of the disk is labeled Unallocated.

In Figure 11-1, the Volume List view is in the upper-right corner and the Graphical View is in the lower-right corner. This is the default configuration. You can change the view for the top or bottom pane as follows:

  1. To change the top view, select View, choose Top, and then select the view you want to use.

  2. To change the bottom view, select View, choose Bottom, and then select the view you want to use.

  3. To hide the bottom view, select View, choose Bottom, and then select Hidden.

Figure 11-1. In Disk Management, the upper view provides a detailed summary of all the drives on the computer and the lower view provides an overview of the same drives by default.

More Detailed Drive Information

From the Disk Management window, you can get more detailed information on a drive section by right-clicking it and then selecting Properties from the shortcut menu. When you do this, you see a dialog box much like the one shown in Figure 11-2. This is the same dialog box that you can access from Windows Explorer (by selecting the top-level folder for the drive and then selecting Properties from the File menu).

Figure 11-2. The General tab of the Properties dialog box provides detailed information about a drive.

Installing and Checking for a New Drive

Hot swapping is a feature that allows you to remove devices without shutting off the computer. Typically, hot-swappable drives are installed and removed from the front of the computer. If your computer supports hot swapping of drives, you can install drives to the computer without having to shut down. After you do this, access Disk Management, and, from the Action menu, select Rescan Disks. New disks that are found are added as basic disks. If a disk that you’ve added isn’t found, reboot.

If the computer doesn’t support hot swapping of drives, you must turn the computer off and then install the new drives. Afterward, you can scan for new disks as described previously.

Understanding Drive Status

Knowing the drive status is useful when you install new drives or troubleshoot drive problems. Disk Management shows the drive status in the Graphical View and Volume List views. Table 11-1 summarizes the most common status values.

Table 11-1. Common Drive Status Values and Their Meanings

  • Online. The normal disk status. It means the disk is accessible and doesn’t have problems. Both dynamic disks and basic disks display this status. Resolution: The drive doesn’t have any known problems.

  • Online (Errors). I/O errors have been detected on a dynamic disk. Resolution: You can try to correct temporary errors using the Reactivate Disk command.

  • Offline. The dynamic disk isn’t accessible and might be corrupted or temporarily unavailable. If the disk name changes to Missing, the disk can no longer be located or identified on the system. Resolution: Check for problems with the drive, its controller, and cables. Make sure that the drive has power and is connected properly. Use the Reactivate Disk command to bring the disk back online (if possible).

  • Foreign. The dynamic disk has been moved to your computer but hasn’t been imported for use. A failed drive brought back online might sometimes be listed as Foreign. Resolution: Use the Import Foreign Disks command to add the disk to the system.

  • Unreadable. The disk isn’t currently accessible, which can occur when rescanning disks. Both dynamic and basic disks display this status. Resolution: If the drives aren’t being scanned, the drive might be corrupt or have I/O errors. Use the Rescan Disk command to correct the problem (if possible). You might also want to reboot the system.

  • Unrecognized. The disk is of an unknown type and can’t be used on the system. A drive from a non-Windows system might display this status. Resolution: You can’t use the drive on the computer. Try a different drive.

  • No Media. No media have been inserted into the CD-ROM or removable drive. Only CD-ROM and removable disk types display this status. Resolution: Insert a CD-ROM, floppy disk, or removable disk to bring the disk online.

Working with Basic and Dynamic Disks

Windows Server 2003 supports two types of disk configurations:

  • Basic. The standard disk type used in previous versions of Windows. Basic disks are divided into partitions and can be used with previous versions of Windows.

  • Dynamic. An enhanced disk type for Windows Server 2003 that can be updated without having to restart the system (in most cases). Dynamic disks are divided into volumes and can be used only with Windows 2000 and Windows Server 2003.

Note

You can’t use dynamic disks on portable computers or with removable media.

Using Basic and Dynamic Disks

When you upgrade an existing system to Windows Server 2003, disks with partitions are initialized as basic disks. When you install Windows Server 2003 on a new system with unpartitioned drives, you have the option of initializing the drives as either basic or dynamic.

Basic drives support all the fault-tolerant features found in Microsoft Windows NT 4.0. You can use basic drives to maintain existing spanning, mirroring, and striping configurations and to delete these configurations. However, you can’t create new fault-tolerant drive sets using the basic disk type. You’ll need to convert to dynamic disks and then create volumes that use mirroring or striping. The fault-tolerant features and the ability to modify disks without having to restart the computer are the key capabilities that distinguish basic and dynamic disks. Other features available on a disk depend on the disk formatting.

You can use both basic and dynamic disks on the same computer. The catch is that volume sets must use the same disk type. For example, if you have mirrored drives C and D that were created under Windows NT 4.0, you can use these drives under Windows Server 2003. If you want to convert C to the dynamic disk type, you must also convert D. To learn how to convert a disk from basic to dynamic, see the section of this chapter entitled "Changing Drive Types."

Disk configuration tasks that you can perform with basic and dynamic disks are different. With basic disks, you can:

  1. Format partitions and mark them as active.

  2. Create and delete primary and extended partitions.

  3. Create and delete logical drives within extended partitions.

  4. Convert from a basic disk to a dynamic disk.

With dynamic disks, you can:

  1. Create and delete simple, striped, spanned, mirrored, and RAID-5 volumes.

  2. Remove a mirror from a mirrored volume.

  3. Extend simple or spanned volumes.

  4. Split a volume into two volumes.

  5. Repair mirrored or RAID-5 volumes.

  6. Reactivate a missing or offline disk.

  7. Revert to a basic disk from a dynamic disk (requires deleting the volumes and reloading the data).

With either disk type, you can:

  1. View properties of disks, partitions, and volumes.

  2. Make drive letter assignments.

  3. Configure security and drive sharing.

Special Considerations for Basic and Dynamic Disks

Whether you’re working with basic or dynamic disks, you need to keep in mind three special types of drive sections:

  • System. The system partition or volume contains the hardware-specific files needed to load the operating system.

  • Boot. The boot partition or volume contains the operating system and its support files. The system and boot partition or volume can be the same.

  • Active. The active partition or volume is the drive section from which the computer starts.

Note

On multiboot systems with pre–Windows 2000 operating systems, the active drive section might need to contain the startup files for all operating systems loaded on the computer and might also need to be a primary partition on a basic disk. You can’t mark an existing dynamic volume as the active volume, but you can convert a basic disk containing the active partition to a dynamic disk. Once the update is complete, the partition becomes a simple volume that’s active.

Marking an Active Partition

Windows Server 2003 supports two key central processing unit (CPU) architectures: x86 and Itanium. On an x86-based computer, you can mark a partition as active by completing the following steps:

  1. Make sure that the necessary startup files are on the primary partition that you want to make the active partition. For Windows NT, Windows 2000 Server, and Windows Server 2003, these files are Boot.ini, Ntdetect.com, Ntldr, and Bootsect.dos. You might also need Ntbootdd.sys.

  2. Access Disk Management.

  3. Right-click the primary partition you want to mark as active, and then select Mark Partition As Active.

Note

You can’t mark dynamic disk volumes as active. When you convert a basic disk containing the active partition to a dynamic disk, this partition becomes a simple volume that’s active automatically.

Changing Drive Types

Basic disks are designed to be used with previous versions of Windows. Dynamic disks are designed to let you take advantage of the latest Windows features. Only computers running Windows 2000 or Windows Server 2003 can use dynamic disks. However, you can use dynamic disks with other operating systems, such as UNIX. To do this, you need to create a separate volume for the non-Windows operating system. You can’t use dynamic disks on portable computers.

Windows Server 2003 provides the tools you need to convert a basic disk to a dynamic disk and to change a dynamic disk back to a basic disk. When you convert to a dynamic disk, partitions are changed to volumes of the appropriate type automatically. You can’t change these volumes back to partitions. Instead, you must delete the volumes on the dynamic disk and then change the disk back to a basic disk. Deleting the volumes destroys all the information on the disk.

Converting a Basic Disk to a Dynamic Disk

Before you convert a basic disk to a dynamic disk, you should make sure that you don’t need to boot the computer to other versions of Windows. Only computers running Windows 2000 or Windows Server 2003 can use dynamic disks.

With MBR disks, you should also make sure that the disk has 1 MB of free space at the end of the disk. Although Disk Management reserves this free space when creating partitions and volumes, disk management tools on other operating systems might not. Without the free space at the end of the disk, the conversion will fail.

With GPT disks, you must have contiguous, recognized data partitions. If the GPT disk contains partitions that Windows doesn’t recognize, such as those created by another operating system, you can’t convert to a dynamic disk.

With either type of disk:

  • You can’t convert drives that use sector sizes larger than 512 bytes. If the drive has large sector sizes, you’ll need to reformat before converting.

  • You can’t use dynamic disks on portable computers or with removable media. You can only configure these drives as basic drives with primary partitions.

  • You can’t convert a disk if the system or boot partition is part of a spanned, striped, mirrored, or RAID-5 volume. You’ll need to stop the spanning, mirroring, or striping before you convert.

  • You shouldn’t convert a disk if it contains multiple installations of the Windows operating system. If you do, you might be able to start the computer only using Windows Server 2003.

  • You can convert disks with other types of partitions that are part of spanned, striped, mirrored, or RAID-5 volumes. These volumes become dynamic volumes of the same type. However, you must convert all drives in the set together.
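The following pre-flight check is an added example and not part of this chapter; it tests two of the conversion constraints listed above for a basic MBR disk (512-byte sectors and about 1 MB of free space at the end of the disk) before you run Convert To Dynamic Disk. It assumes Windows PowerShell 2.0 or later is installed on the server and that the disk number passed in matches the number shown in Disk Management (Disk 1 below is an assumption).

```powershell
# Added pre-flight check (not the book's code) for converting a basic MBR disk to dynamic.
# Assumes Windows PowerShell 2.0+; $DiskIndex is the disk number shown in Disk Management.

function Test-DynamicConversionReady {
    param([int]$DiskIndex = 1)

    $drive = Get-WmiObject -Class Win32_DiskDrive -Filter "Index = $DiskIndex"
    if ($drive -eq $null) { throw "Disk $DiskIndex was not found." }

    # Constraint 1: dynamic disks require 512-byte sectors; larger sectors need a reformat first.
    $sectorOk = ([int]$drive.BytesPerSector -eq 512)

    # Constraint 2: locate the end of the last partition. Win32_DiskPartition reports primary
    # and extended partitions; logical drives lie inside the extended partition's extent.
    $parts = @(Get-WmiObject -Class Win32_DiskPartition -Filter "DiskIndex = $DiskIndex")
    $lastEnd = [int64]0
    foreach ($p in $parts) {
        $end = [int64]$p.StartingOffset + [int64]$p.Size
        if ($end -gt $lastEnd) { $lastEnd = $end }
    }

    # Win32_DiskDrive.Size is derived from the reported geometry and can understate the real
    # capacity by a few MB, so a small or negative value means "confirm in Disk Management",
    # not necessarily "the conversion will fail".
    $trailingFree = [int64]$drive.Size - $lastEnd
    $freeOk = ($trailingFree -ge 1MB)

    # Converting the disk that holds the boot partition forces a restart, so flag it.
    $hasBoot = $false
    foreach ($p in $parts) { if ($p.BootPartition) { $hasBoot = $true } }

    New-Object PSObject -Property @{
        DiskIndex        = $DiskIndex
        BytesPerSector   = [int]$drive.BytesPerSector
        SectorSizeOk     = $sectorOk
        TrailingFreeKB   = [math]::Round($trailingFree / 1KB)
        TrailingFreeOk   = $freeOk
        ContainsBootPart = $hasBoot
        ReadyToConvert   = ($sectorOk -and $freeOk)
    }
}

Test-DynamicConversionReady -DiskIndex 1 | Format-List
```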

To convert a basic disk to a dynamic disk, complete the following steps:

  1. In Disk Management, right-click a basic disk that you want to convert, either in the Disk List view or in the left pane of the Graphical View. Then select Convert To Dynamic Disk.

  2. In the Convert To Dynamic Disk dialog box, select the check boxes for the disks you want to convert. If you’re converting a spanned, striped, mirrored, or RAID-5 volume, be sure to select all the basic disks in this set. You must convert the set together. Click OK when you’re ready to continue.

  3. The Disks To Convert dialog box shows the disks you’re converting. The buttons and columns on this dialog box contain the following information:

    • Name. Shows the disk number.

    • Disk Contents. Shows the type and status of partitions, such as boot, active, or in use.

    • Will Convert. Specifies whether the drive will be converted. If the drive doesn’t meet the criteria, it won’t be converted, and you might need to take corrective action, as described previously.

    • Details. Shows the volumes on the selected drive.

    • Convert. Starts the conversion.

  4. If you’re ready to begin the conversion, click Convert. Disk Management warns you that after you finish the conversion you won’t be able to boot previous versions of Windows from volumes on the selected disks. Click Yes to continue.

  5. Disk Management will restart the computer if a selected drive contains the boot partition, system partition, or a partition in use.

Changing a Dynamic Disk Back to a Basic Disk

Before you can change a dynamic disk back to a basic disk, you must delete all dynamic volumes on the disk. After you do this, right-click the disk and select the Convert To Basic Disk command. This changes the dynamic disk to a basic disk and you can then create new partitions and logical drives on the disk.

Reactivating Dynamic Disks

If the status of a dynamic disk displays as Online (Errors) or Offline, you can often reactivate the disk to correct the problem. You reactivate a disk by completing the following steps:

  1. In Disk Management, right-click the dynamic disk you want to reactivate, and then select Reactivate Disk. Confirm the action when prompted.

  2. If the drive status doesn’t change, you might need to reboot the computer. If this still doesn’t resolve the problem, check for problems with the drive, its controller, and the cables. Also, make sure that the drive has power and is connected properly.

Rescanning Disks

Rescanning all drives on a system updates the drive configuration information on the computer. It can sometimes resolve a problem with drives that show a status of Unreadable. Because the drive configuration might change as a result of the rescan, you might need to update the Boot.ini file for the computer, as discussed later in this chapter in the section entitled "Updating the Boot Disk."

You rescan disks on a computer by selecting Rescan Disk from Disk Management’s Action menu.

Real World

Take a screenshot of the disk configuration in Disk Management before scanning and after scanning to double-check the configuration for changes. On my primary server, the original configuration had a floppy disk drive on A; logical drives on C, D, E, and F; a removable drive on G; and a CD-ROM drive on H. After rescanning, the removable drive was on B, and, as a result, the number of the boot partition changed (and Windows Server 2003 gave no notification of this change).

During reboot of the system, Windows Server 2003 stated incorrectly that the Ntoskrnl.exe file needed to be restored on the Windows Server 2003 root folder. Using the emergency repair disk created as explained in Chapter 15, you could modify the Boot.ini file and recover the system. Without the emergency repair disk, you’d need to repair the Windows Server 2003 installation using the Windows Server 2003 CD and the Recovery Console. Installing the Windows Server 2003 Recovery Console is also covered in Chapter 15.
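The script below is an added example rather than code from the book: it records the drive-letter-to-partition map before a rescan (or before disks are moved) and compares it afterward, so a renumbered boot partition is caught before Boot.ini is trusted. It assumes Windows PowerShell 2.0 or later; the C:\DiskLayout-*.csv paths are placeholders.

```powershell
# Added example (not the book's code): snapshot and diff the drive-letter layout around a rescan.
# Assumes Windows PowerShell 2.0+; the CSV paths in the usage lines are placeholders.

function Get-DiskLayout {
    # One row per drive letter, resolved to "Disk #n, Partition #m" via the association class.
    $rows = @()
    foreach ($link in @(Get-WmiObject -Class Win32_LogicalDiskToPartition)) {
        $part    = [wmi]$link.Antecedent    # Win32_DiskPartition instance
        $logical = [wmi]$link.Dependent     # Win32_LogicalDisk instance, e.g. "C:"
        $rows += New-Object PSObject -Property @{
            Letter     = $logical.DeviceID
            Partition  = $part.DeviceID     # e.g. "Disk #0, Partition #1"
            DiskIndex  = [int]$part.DiskIndex
            PartIndex  = [int]$part.Index
            Boot       = [bool]$part.BootPartition
            FileSystem = $logical.FileSystem
        }
    }
    $rows | Sort-Object Letter
}

function Save-DiskLayout {
    param([string]$Path)
    Get-DiskLayout | Export-Csv -Path $Path -NoTypeInformation
}

function Compare-DiskLayout {
    param([string]$Before, [string]$After)
    $old = @(Import-Csv $Before)
    $new = @(Import-Csv $After)
    $changes = @()
    foreach ($n in $new) {
        $o = $old | Where-Object { $_.Letter -eq $n.Letter }
        if ($o -eq $null) {
            $changes += "$($n.Letter) is new: $($n.Partition)"
        } elseif ($o.Partition -ne $n.Partition) {
            $changes += "$($n.Letter) moved from $($o.Partition) to $($n.Partition)"
        }
    }
    foreach ($o in $old) {
        if (-not ($new | Where-Object { $_.Letter -eq $o.Letter })) {
            $changes += "$($o.Letter) disappeared (was $($o.Partition))"
        }
    }
    # Boot.ini's ARC path (multi(0)disk(0)rdisk(0)partition(N)) embeds the partition number,
    # so a renumbered boot partition is the change that breaks startup.
    $bootOld = $old | Where-Object { $_.Boot -eq 'True' }
    $bootNew = $new | Where-Object { $_.Boot -eq 'True' }
    if ($bootOld -and $bootNew -and ($bootOld.Partition -ne $bootNew.Partition)) {
        $changes += "BOOT PARTITION RENUMBERED: $($bootOld.Partition) -> $($bootNew.Partition); update Boot.ini"
    }
    if ($changes.Count -eq 0) { "No layout changes." } else { $changes }
}

# Usage: run the first line before Rescan Disks, the other two afterward.
# Save-DiskLayout -Path C:\DiskLayout-before.csv
# Save-DiskLayout -Path C:\DiskLayout-after.csv
# Compare-DiskLayout -Before C:\DiskLayout-before.csv -After C:\DiskLayout-after.csv
```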

Moving a Dynamic Disk to a New System

Windows Server 2003 makes the task of moving drives to a new system a lot easier. If you want to move a dynamic drive to a new computer, follow these steps:

  1. Access Disk Management on the system where the dynamic drives are currently installed.

  2. Check the status of the drives and ensure that they’re marked as healthy. If the status isn’t healthy, you should repair partitions and volumes, as necessary, before you move the disk drives.

  3. Remove drive letters and drive paths that reference the drives, as described in the section of this chapter entitled "Assigning Drive Letters and Paths."

  4. If the drives are hot-swappable and this feature is supported on both systems, remove the drives, and then install them on the destination computer. Otherwise, turn off both computers. Remove the drives from the original system and then install them on the new system. When you’re finished, turn the computers back on.

  5. On the destination computer, from the Action menu select Rescan Disks. When the scan finishes, right-click any disk marked Foreign, and then click Import Foreign Disks.

Using Basic Disks and Partitions

When you install a new computer or update an existing computer, you’ll often need to partition the drives on the computer. You partition drives using Disk Management.

Partitioning Basics

On Windows Server 2003, a physical drive using MBR partition style can have up to four primary partitions and up to one extended partition. This allows you to configure MBR drives in one of two ways: using one to four primary partitions or using one to three primary partitions and one extended partition. Drives with GPT partition style can have up to 128 partitions.

After you partition a drive, you format the partitions to assign drive letters. This is a high-level formatting that creates the file system structure rather than a low-level formatting that sets up the drive for initial use. You’re probably very familiar with the C drive used by Windows Server 2003. Well, the C drive is simply the designator for a disk partition. If you partition a disk into multiple sections, each section can have its own drive letter. You use the drive letters to access file systems in various partitions on a physical drive. Unlike MS-DOS, which assigns drive letters automatically starting with the letter C, Windows Server 2003 lets you specify drive letters. Generally, the drive letters C through Z are available for your use.

Note

The drive letter A is usually assigned to the system’s floppy disk drive. If the system has a second floppy disk drive, the letter B is assigned to it, so you can use only the letters C through Z. Don’t forget that CD-ROMs, Zip drives, and other types of media drives need drive letters as well. The total number of drive letters you can use at one time is 24. If you need additional volumes, you can create them using drive paths.

In Windows NT 4.0 you could have only 24 active volumes. To get around this limitation, Windows 2000 and Windows Server 2003 allow you to mount disks to drive paths. A drive path is set as a folder location on another drive. For example, you could mount additional drives as E:\Data1, E:\Data2, and E:\Data3. You can use drive paths with basic and dynamic disks. The only restriction for drive paths is that you mount them on empty folders that are on NTFS drives.

To help you differentiate between primary partitions and extended partitions with logical drives, Disk Management color-codes the partitions. For example, primary partitions might be color-coded with a dark blue band and logical drives in extended partitions might be color-coded with a light blue band. The key for the color scheme is shown at the bottom of the Disk Management window. You can change the colors using the View Settings dialog box. From the Disk Management View menu, select the Settings option.
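As an added example (not code from the book), the partitioning described above can be scripted with DISKPART, the command-line tool the chapter names: the script creates an extended partition on a new basic disk, divides it into three logical drives of about 7 GB each, and mounts them as the drive paths E:\Data1 through E:\Data3 rather than consuming three of the 24 drive letters. Assumptions: Disk 1 is the new, unpartitioned basic disk, E: is an NTFS drive, the Data folder names are illustrative, and Windows PowerShell 2.0 or later is installed.

```powershell
# Added example (not the book's code): script the partitioning above with DISKPART and mount
# the logical drives as drive paths. Assumes Disk 1 is the new basic disk and E: is NTFS.
param([int]$DiskIndex = 1, [string]$MountRoot = 'E:\', [int]$LogicalDriveMB = 7168)

# Drive paths may only be mounted on empty folders of an NTFS drive.
$rootDrive = Get-WmiObject Win32_LogicalDisk -Filter "DeviceID = '$($MountRoot.Substring(0,2))'"
if ($rootDrive -eq $null -or $rootDrive.FileSystem -ne 'NTFS') {
    throw "$MountRoot is not an NTFS drive; drive paths cannot be mounted there."
}

$lines  = @("select disk $DiskIndex", "create partition extended")   # no size = all free space
$mounts = @()
foreach ($i in 1..3) {
    $folder = Join-Path $MountRoot "Data$i"
    if (-not (Test-Path $folder)) { New-Item -ItemType Directory -Path $folder | Out-Null }
    if (@(Get-ChildItem $folder).Count -ne 0) { throw "$folder is not empty." }
    # The extended partition's bookkeeping sectors leave slightly less than 3 x 7 GB usable,
    # so the last logical drive takes whatever remains instead of a fixed size.
    if ($i -lt 3) { $lines += "create partition logical size=$LogicalDriveMB" }
    else          { $lines += "create partition logical" }
    # Each create shifts DISKPART's focus to the new logical drive, so assign applies to it.
    $lines += "assign mount=$folder"
    $mounts += $folder
}

# DISKPART /S runs the commands from a script file.
$scriptFile = Join-Path $env:TEMP 'partition-disk.txt'
$lines | Set-Content -Path $scriptFile -Encoding ASCII
& diskpart /s $scriptFile
if ($LASTEXITCODE -ne 0) { throw "DISKPART failed with exit code $LASTEXITCODE" }

# High-level (quick) NTFS format of each new logical drive; format.com accepts a mount point
# path as the volume, and /Y answers the confirmation prompt.
foreach ($m in $mounts) {
    $label = Split-Path $m -Leaf
    & format.com $m /FS:NTFS /Q /V:$label /Y
}
```

Review the generated script file in %TEMP% before running it on a server with existing data; DISKPART acts on whichever disk number is selected.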

Creating Partitions

In Disk Management, you create partitions and logical drives by completing the following steps:

  1. In the Disk Management Graphical View, right-click an area marked Unallocated and then choose New Partition. Or right-click a free space in an extended partition and select New Logical Drive. This starts the New Partition Wizard.

  2. Click Next. As shown in Figure 11-3, you can now select a partition type as follows:

    Figure 11-3. Use the New Partition Wizard to select a partition type.

    • Primary Partition. To create a primary partition. A primary partition can fill an entire disk, or you can size it as appropriate for the workstation or server you’re configuring.

    • Extended Partition. To create an extended partition. Each physical drive can have one extended partition. This extended partition can contain one or more logical drives, which are simply sections of the partition with their own file system. If a drive already contains an extended partition, the Extended Partition option won’t be available. Note also that you can’t create extended partitions on removable drives.

    • Logical Drive. To create a logical drive within an extended partition. Although you can size the logical drive any way you want, you might want to take a moment to consider how you’ll use logical drives on the current workstation or server. Generally, you use logical drives to divide a large drive into manageable sections. With this in mind, you might want to divide a 21-GB extended partition into three logical drives of 7 GB each.

  3. You should see the Specify Partition Size page. This page specifies the minimum and maximum size for the partition in megabytes and lets you size the partition within these limits. Size the partition using the Amount Of Disk Space To Use field.

  4. Specify whether you want to assign a drive letter or path, as shown in Figure 11-4. You use these options as follows:

    • Assign The Following Drive Letter. To assign a drive letter, choose this option, and then select an available drive letter in the selection list provided.

    • Mount In The Following Empty NTFS Folder. To assign a drive path, choose this option, and then type the path to an existing folder or click Browse to search for or create a folder.

    • Do Not Assign A Drive Letter Or Drive Path. To create the partition without assigning a drive letter or path, choose this option. You can assign a drive letter or path later, if necessary.

    Figure 11-4. Use the Assign Drive Letter Or Path page to assign a drive letter, mount to an empty folder, or create the partition without assigning a drive letter or path.

  5. Determine whether the partition should be formatted in the Format Partition page, shown in Figure 11-5. If you elect to format the partition, follow the steps described in the following section, "Formatting Partitions."

    Figure 11-5. You can format a partition by specifying its file system type and volume label.

  6. Click Next and then click Finish. If you add partitions to a physical drive that contains the Windows Server 2003 operating system, you might inadvertently change the number of the boot partition. Windows Server 2003 will display a prompt warning you that the number of the boot partition will change. Click Yes.

  7. Disk Management then creates the partition, assigns a drive letter or path as appropriate, and formats the partition as appropriate. If you saw a warning prompt previously, you might see another warning prompt telling you to edit the Boot.ini file. Edit the Boot.ini file and update the designator for the boot partition as described in the section of this chapter entitled "Updating the Boot Disk." Then immediately reboot the computer.

Formatting Partitions

Formatting creates a file system in a partition and permanently deletes any existing data. This is a high-level formatting that creates the file system structure rather than a low-level formatting that initializes a drive for use. To format a partition, right-click the partition, and then choose Format. This opens the Format dialog box shown in Figure 11-6.

Figure 11-6. Use the Format dialog box to format a partition by specifying its file system type and volume label.

You use the formatting fields as follows:

  • Volume Label. Specifies a text label for the partition. This label is the partition’s volume name.

  • File System. Specifies the file system type as FAT, FAT32, or NTFS. FAT is the file system type supported by MS-DOS and Microsoft Windows 3.1, Windows 95, Windows 98, and Windows Me. NTFS is the native file system type for Microsoft Windows NT, Windows 2000, and Windows Server 2003. The section of Chapter 13 entitled "Windows Server 2003 File Structures" tells you more about NTFS and the advantages of using it with Windows Server 2003.

  • Allocation Unit Size. Specifies the cluster size for the file system. This is the basic unit in which disk space is allocated. The default allocation unit size is based on the size of the volume and is set dynamically prior to formatting. To override this feature, you can set the allocation unit size to a specific value. If you use lots of small files, you might want to use a smaller cluster size, such as 512 or 1024 bytes. With these settings, small files use less disk space.

  • Perform A Quick Format. Tells Windows Server 2003 to format without checking the partition for errors. With large partitions this option can save you a few minutes. However, it’s more prudent to check for errors, which allows Disk Management to mark bad sectors on the disk and lock them out.

  • Enable File And Folder Compression. Turns on compression for the disk. Built-in compression is available only for NTFS. Under NTFS, compression is transparent to users and compressed files can be accessed just like regular files. If you select this option, files and directories on this drive are compressed automatically. For more information on compressing drives, files, and directories, see the section of this chapter entitled "Compressing Drives and Data."

When you’re ready to proceed, click OK. Because formatting a partition destroys any existing data, Disk Management gives you one last chance to abort the procedure. Click OK to start formatting the partition. Disk Management changes the drive’s status to reflect the formatting and the percentage of completion. When formatting is complete, the drive status will change to reflect this.

Updating the Boot Disk

When you add partitions to a physical drive that contains the Windows Server 2003 operating system, the number of the boot partition might change. If this happens, you’ll need to update the system’s Boot.ini file. Normally, this file is located on the C drive.

The Boot.ini file contains entries that look like this:

[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(3)\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(3)\WINNT="Microsoft Windows Server 2003" /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WIN2000="Microsoft Windows 2000 Server" /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINXP="Microsoft Windows XP Professional" /fastdetect

Tip

The Boot.ini file might be hidden from view on the system with which you’re working. To see Boot.ini and other system files in Windows Explorer, select Folder Options from the Tools menu. Afterward, in the Folder Options properties dialog box, click the View tab. Clear Hide Protected Operating System Files and then click OK.

Entries like this tell Windows Server 2003 where to find the operating system files:

multi(0)disk(0)rdisk(0)partition(3)\WINNT

The designators for this entry are used as follows:

  • multi(0). Designates the controller for the drive, which in this case is controller 0. If the secondary mirror is on a different controller, enter the number of the controller. Controllers are numbered from 0 to 3.

Note

The format for the Boot.ini entries is the Advanced RISC Computer (ARC) name format. On SCSI systems that don’t use SCSI basic input/output system (BIOS), the first field in the entry is scsi(n), where n is the controller number.

  • disk(0). Designates the SCSI bus adapter, which in this case is adapter 0. On most systems, this is always 0. The exception is for systems with multiple bus SCSI adapters. These systems use the scsi(n) syntax.

  • rdisk(0). Designates the ordinal number of the disk on the adapter, which in this case is drive 0. With SCSI drives that use SCSI BIOS, you’ll see numbers from 0 to 6. With other SCSI drives this is always 0. With Integrated Device Electronics (IDE) you’ll see either 0 or 1. In most cases, you’ll need to change this field—so be sure to enter the number of the secondary mirror drive.

  • partition(3). Designates the partition that contains the operating system, which in this case is 3.

If the boot partition for Windows Server 2003 changed from 3 to 4, you’d update the Boot.ini file shown earlier as follows:

[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(4)\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(4)\WINNT="Microsoft Windows Server 2003" /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WIN2000="Microsoft Windows 2000 Server" /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINXP="Microsoft Windows XP Professional" /fastdetect
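The renumbering above is easy to get half right by hand: the default= line and the matching [operating systems] entry must change together, while entries for the other partitions stay as they are. The following Python script is an added example, not from the book, that parses ARC names into their designators, renumbers only the entries whose partition and system root match, and checks afterwards that default= still names one of the listed operating systems before you reboot. The sample Boot.ini text is constructed from the chapter's listing; the function names parse_arc, renumber_partition and default_is_bootable are my own.

```python
import re

# Constructed sample modelled on the chapter's Boot.ini listing (not from a real host).
SAMPLE_BOOT_INI = """[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(3)\\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(3)\\WINNT="Microsoft Windows Server 2003" /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\\WIN2000="Microsoft Windows 2000 Server" /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\\WINXP="Microsoft Windows XP Professional" /fastdetect
"""

# ARC name: multi(c)disk(d)rdisk(r)partition(p)\path; scsi(c) replaces multi(c) on
# SCSI controllers without a BIOS, as the chapter's note explains.
ARC_RE = re.compile(
    r"(?P<bus>multi|scsi)\((?P<ctrl>\d+)\)"
    r"disk\((?P<disk>\d+)\)"
    r"rdisk\((?P<rdisk>\d+)\)"
    r"partition\((?P<part>\d+)\)"
    r'(?P<path>\\[^=\s"]*)'
)


def parse_arc(arc):
    """Split one ARC name into its designators (partition numbers are 1-based)."""
    m = ARC_RE.fullmatch(arc)
    if m is None:
        raise ValueError(f"not an ARC name: {arc!r}")
    return {
        "bus": m["bus"],
        "controller": int(m["ctrl"]),
        "disk": int(m["disk"]),
        "rdisk": int(m["rdisk"]),
        "partition": int(m["part"]),
        "path": m["path"],
    }


def _arc_of_line(line):
    """ARC name at the start of a Boot.ini line (after 'default=' if present), or None."""
    body = line[len("default="):] if line.startswith("default=") else line
    m = ARC_RE.match(body)
    return m.group(0) if m else None


def renumber_partition(boot_ini, old, new, system_root="\\WINNT"):
    """Return a copy of boot_ini in which every ARC name that points at partition
    `old` with path `system_root` now points at partition `new`.  Both the
    default= line and the [operating systems] entry are rewritten in one pass;
    entries for other partitions (here WIN2000 and WINXP) are left untouched."""
    out = []
    for line in boot_ini.splitlines():
        arc = _arc_of_line(line)
        if arc is not None:
            d = parse_arc(arc)
            if d["partition"] == old and d["path"] == system_root:
                fixed = arc.replace(f"partition({old})", f"partition({new})", 1)
                line = line.replace(arc, fixed, 1)
        out.append(line)
    return "\n".join(out) + "\n"


def default_is_bootable(boot_ini):
    """True when the default= ARC name matches one of the [operating systems] entries.
    A default that names no listed entry is the mismatch to catch before rebooting."""
    default = None
    entries = []
    for line in boot_ini.splitlines():
        arc = _arc_of_line(line)
        if arc is None:
            continue
        if line.startswith("default="):
            default = arc
        else:
            entries.append(arc)
    return default is not None and default in entries


if __name__ == "__main__":
    updated = renumber_partition(SAMPLE_BOOT_INI, old=3, new=4)
    print(updated)
    print("default entry bootable:", default_is_bootable(updated))
```

Run it against a copy of the file, compare the output with the original, and only then write it back; the consistency check is the step to repeat after any manual edit to Boot.ini, since the chapter has you reboot immediately afterwards.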

Managing Existing Partitions and Drives

Disk Management provides many ways to manage existing partitions and drives. Use these features to assign drive letters, delete partitions, set the active partition, and more. In addition, Windows Server 2003 provides other utilities to carry out common tasks such as converting a volume to NTFS, checking a drive for errors, and cleaning up unused disk space.

Assigning Drive Letters and Paths

You can assign drives one drive letter and one or more drive paths, provided the drive paths are mounted on NTFS drives. Drives don’t have to be assigned a drive letter or path. A drive with no designators is considered to be unmounted, and you can mount it by assigning a drive letter or path at a later date. You need to unmount a drive before moving it to another computer.

To manage drive letters and paths, right-click the drive you want to configure in Disk Management, and then choose Change Drive Letter And Paths. This opens the dialog box shown in Figure 11-7. You can now:

  • Add a drive path. Click Add, select Mount In The Following Empty NTFS Folder, and then type the path to an existing folder or click Browse to search for or create a folder.

  • Remove a drive path. Select the drive path to remove, click Remove, and then click Yes.

  • Assign a drive letter. Click Add, select Assign A Drive Letter, and then choose an available letter to assign to the drive.

  • Change the drive letter. Select the current drive letter, and then click Change. Select Assign A Drive Letter, and then choose a different letter to assign to the drive.

  • Remove a drive letter. Select the current drive letter, click Remove, and then click Yes.

Figure 11-7. Use this dialog box to change the drive letter and path assignment.

Note

If you try to change the letter of a drive that’s in use, Windows Server 2003 displays a warning. You’ll need to exit programs that are using the drive and try again or allow Disk Management to force the change by clicking Yes when prompted.

Changing or Deleting the Volume Label

The volume label is a text descriptor for a drive. Because this label is displayed when the drive is accessed in various Windows Server 2003 utilities, such as Windows Explorer, you can use the label to help provide information about a drive’s contents. You can change or delete a volume label using Disk Management or Windows Explorer.

Using Disk Management, you can change or delete a label by following these steps:

  1. Right-click the partition, and then choose Properties.

  2. In the General tab of the Properties dialog box, use the Label text box to type a new label for the volume or delete the existing label. Click OK.

Using Windows Explorer, you can change or delete a label by following these steps:

  1. Right-click the drive icon and then choose Properties.

  2. In the General tab of the Properties dialog box, use the Label text box to type a new label for the volume or delete the existing label. Click OK.

Deleting Partitions and Drives

To change the configuration of an existing drive that’s fully allocated, you might need to delete existing partitions and logical drives. Deleting a partition or a drive removes the associated file system, and all data in the file system is lost. So, before you delete a partition or a drive, you should back up any files and directories that the partition or drive contains.

You can delete a primary partition or logical drive by following these steps:

  1. In Disk Management, right-click the partition or drive you want to delete, and then choose Delete Partition or Delete Logical Drive, as appropriate.

  2. Confirm that you want to delete the partition by clicking Yes.

  3. If you delete a partition on a physical drive that contains the Windows Server 2003 operating system, the number of the boot partition might change. If so, you’ll need to update the Boot.ini file as described in the section of this chapter entitled "Updating the Boot Disk." Be sure to note the new partition number to use.

To delete an extended partition, follow these steps:

  1. Delete all the logical drives on the partition following the steps listed above.

  2. You should now be able to select the extended partition area itself and delete it.

Converting a Volume to NTFS

Windows Server 2003 provides a utility for converting file allocation table (FAT) volumes to NTFS. This utility, called Convert (Convert.exe), is located in the %SystemRoot% folder. When you convert a volume using this tool, the file and directory structure is preserved and no data is lost. Keep in mind, however, that Windows Server 2003 doesn’t provide a utility for converting NTFS to FAT. The only way to go from NTFS to FAT is to delete the partition by following the steps listed in the previous section and then to recreate the partition as a FAT volume.

The Convert Utility Syntax

Convert is a command-line utility run at the Command prompt. If you want to convert a drive, use the following syntax:

convert volume /FS:NTFS

where volume is the drive letter followed by a colon, drive path, or volume name. For example, if you wanted to convert the D drive to NTFS, you’d use the following command:

convert D: /FS:NTFS

The complete syntax for Convert is shown below:

convert volume /FS:NTFS [/V] [/X] [/CvtArea:filename] [/NoSecurity]

The options and switches for Convert are used as follows:

volume

Sets the volume to work with

/FS:NTFS

Converts to NTFS

/V

Sets verbose mode

/X

Forces the volume to dismount before the conversion (if necessary)

/CvtArea:filename

Sets name of a contiguous file in the root directory to be a placeholder for NTFS system files

/NoSecurity

Removes all security attributes and makes all files and directories accessible to the group Everyone

A sample statement using convert is:

convert C: /FS:NTFS /V

Using the Convert Utility

Before you use the Convert utility, double-check to see if the partition is being used as the active boot partition or a system partition containing the operating system. With Intel x86 systems, you can convert the active boot partition to NTFS. Doing so requires that the system gain exclusive access to this partition, which can be obtained only during startup. Thus, if you try to convert the active boot partition to NTFS, Windows Server 2003 displays a prompt asking if you want to schedule the drive to be converted the next time the system starts. If you click Yes, you can restart the system to begin the conversion process.

Tip

Often it’ll take several restarts of a system to completely convert the active boot partition. Don’t panic. Let the system proceed with the conversion.

Before the Convert utility actually converts a drive to NTFS, the utility checks to see if the drive has enough free space to perform the conversion. Generally, Convert needs a block of free space that’s roughly equal to 25 percent of the total space used on the drive. For example, if the drive stores 2 GB of data, Convert needs about 500 MB of free space. If there isn’t enough free space, Convert aborts and tells you that you need to free up some space. On the other hand, if there is enough free space, Convert initiates the conversion. Be patient. The conversion process takes several minutes (longer for large drives). Don’t access files or applications on the drive while the conversion is in progress.

Checking a Drive for Errors and Bad Sectors

The Windows Server 2003 utility for checking the integrity of a disk is Check Disk (Chkdsk.exe). You’ll find this utility in the %SystemRoot% folder. Use Check Disk to check for and optionally repair problems found on FAT, FAT32, and NTFS volumes.

Although Check Disk can check for and correct many types of errors, the utility primarily looks for inconsistencies in the file system and its related metadata. One of the ways Check Disk locates errors is by comparing the volume bitmap to the disk sectors assigned to files in the file system. But beyond this, the usefulness of Check Disk is rather limited. For example, Check Disk can’t repair corrupted data within files that appear to be structurally intact.

Running Check Disk from the Command Line

You can run Check Disk from the command line or within other utilities. At the Command prompt, you can test the integrity of the E drive by typing the command

chkdsk E:

To find and repair errors that are found in the E drive, use the command:

chkdsk /f E:

Note

Check Disk can’t repair volumes that are in use. If the volume is in use, Check Disk displays a prompt that asks if you want to schedule the volume to be checked the next time you restart the system. Answer Yes to the prompt to schedule this.

The complete syntax for Check Disk is shown below:

chkdsk [volume[[path]filename]]] [/F] [/V] [/R] [/X] [/I] [/C] [/L[:size]]

The options and switches for Check Disk are used as follows:

volume

Sets the volume to work with.

filename

FAT/FAT32 only: Specifies files to check for fragmentation.

/F

Fixes errors on the disk.

/V

On FAT/FAT32: Displays the full path and name of every file on the disk. On NTFS: Displays cleanup messages, if any.

/R

Locates bad sectors and recovers readable information (implies /F).

/L:size

NTFS only: Changes the log file size.

/X

Forces the volume to dismount first if necessary (implies /F).

/I

NTFS only: Performs a minimum check of index entries.

/C

NTFS only: Skips checking of cycles within the folder structure.

Running Check Disk Interactively

You can also run Check Disk interactively by using either Windows Explorer or Disk Management. To do that, follow these steps:

  1. Right-click the drive and then choose Properties.

  2. In the Tools tab of the Properties dialog box, click Check Now.

  3. As shown in Figure 11-8, you can now:

    1. Check for errors without repairing them. Click Start without selecting either of the check boxes.

    2. Check for errors and fix them. Make the appropriate selections in the check boxes to fix file system errors or to recover bad sectors, or both. Then click Start.

Figure 11-8. Check Disk is available by clicking the Check Now button in the Properties dialog box. Use it to check a disk for errors and repair them, if you wish.

Defragmenting Disks

Anytime you add files to or remove files from a drive, the data on the drive can become fragmented. When a drive is fragmented, large files can’t be written to a single continuous area on the disk. As a result, the operating system must write the file to several smaller areas on the disk, which means more time is spent reading the file from the disk. To reduce fragmentation, you should periodically analyze and defragment disks using Disk Defragmenter.

You can analyze a disk to determine the level of fragmentation and defragment a disk by completing the following steps:

  1. In Computer Management, expand Storage, and then select Disk Defragmenter.

  2. Select the logical drive or volume that you want to work with by clicking it, as shown in Figure 11-9.

    Figure 11-9. Disk Defragmenter efficiently analyzes and defragments disks. The more frequently data is updated on drives, the more often you’ll need to run this utility.

  3. To analyze the amount of fragmentation on a partition or volume, click Analyze. The progress of the analysis is shown in the Analysis Display area. Fragmented files, contiguous files, system files, and free space are highlighted in different colors using the color code shown at the bottom of the display area. You can pause or stop the analysis if necessary.

  4. When the analysis is complete, Disk Defragmenter recommends a course of action based on the amount of fragmentation. If there’s a lot of fragmentation, you’ll be prompted to defragment the disk. Otherwise, you’ll be told the disk doesn’t need to be defragmented.

  5. To defragment the disk, click Defragment. The progress of the defragment operation is shown in the Defragmentation Display area. You can pause or stop the operation, if necessary.

  6. To view a report of the analysis or defragmentation, click View Report.

Compressing Drives and Data

When you format a drive for NTFS, Windows Server 2003 allows you to turn on the built-in compression feature. With compression, all files and directories stored on a drive are automatically compressed when they’re created. Because this compression is transparent to users, compressed data can be accessed just like regular data. The difference is that you can store more information on a compressed drive than you can on an uncompressed drive.

Real World

Although compression is certainly a useful feature when you want to save disk space, you can’t encrypt compressed data. Compression and encryption are mutually exclusive alternatives for NTFS volumes, which means you have the choice of either using compression or using encryption. You can’t use both techniques. For more information on encryption, see the section later in this chapter entitled "Encrypting Drives and Data." If you try to compress encrypted data, Windows Server 2003 automatically decrypts the data and then compresses it. Likewise, if you try to encrypt compressed data, Windows Server 2003 uncompresses the data and then encrypts it.

Compressing Drives

To compress a drive and all its contents, complete these steps:

  1. In Windows Explorer or Disk Management, right-click the drive that you want to compress, and then select Properties.

  2. Select Compress Drive To Save Disk Space and then click OK.

Compressing Directories and Files

If you decide not to compress a drive, Windows Server 2003 lets you selectively compress directories and files. To compress a file or directory, complete these steps:

  1. In Windows Explorer, right-click the file or directory that you want to compress, and then select Properties.

  2. In the General tab of the related property dialog box, click Advanced. In the Advanced Attributes dialog box, select the Compress Contents To Save Disk Space check box, as shown in Figure 11-10. Click OK twice.

Figure 11-10. With NTFS, you can compress a file or directory by selecting the Compress Contents To Save Disk Space check box in the Advanced Attributes dialog box.

For an individual file, Windows Server 2003 marks the file as compressed and then compresses it. For a directory, Windows Server 2003 marks the directory as compressed and then compresses all the files in it. If the directory contains subfolders, Windows Server 2003 displays a dialog box that allows you to compress all the subfolders associated with the directory. Simply select Apply Changes To This Folder, Subfolders, And Files and then click OK. Once you compress a directory, any new files added or copied to the directory are compressed automatically.

Note

If you move an uncompressed file from a different drive, the file is compressed. However, if you move an uncompressed file to a compressed folder on the same NTFS drive, the file isn’t compressed. Note also that you can’t encrypt compressed files.

Expanding Compressed Drives

You can remove compression from a drive as follows:

  1. In Windows Explorer or Disk Management, right-click the drive that contains the data you want to expand, and then select Properties.

  2. Clear the Compress Drive To Save Disk Space check box and then click OK.

Tip

Windows always checks the available disk space before expanding compressed data. You should too. If there’s less free space available than used space, you might not be able to complete the expansion. For example, if a compressed drive uses 1 GB of space and has 700 MB of free space available, there won’t be enough free space to expand the drive.

Expanding Compressed Directories and Files

If you decide later that you want to expand a compressed file or directory, reverse the process by completing the following steps:

  1. Right-click the file or directory in Windows Explorer.

  2. In the General tab of the related property dialog box, click Advanced. Clear the Compress Contents To Save Disk Space check box. Click OK twice.

With files, Windows Server 2003 removes compression and expands the file. With directories, Windows Server 2003 expands all the files within the directory. If the directory contains subfolders, you’ll also have the opportunity to remove compression from the subfolders. To do this, select Apply Changes To This Folder, Subfolders, And Files when prompted, and then click OK.

Tip

Windows Server 2003 also provides command-line utilities for compressing and decompressing your data. The compression utility is called Compact (Compact.exe). The decompression utility is called Expand (Expand.exe).

Encrypting Drives and Data

NTFS has many advantages over other file systems that you can use with Windows Server 2003. One of the major advantages is the capability to automatically encrypt and decrypt data using the Encrypting File System (EFS). When you encrypt data, you add an extra layer of protection to sensitive data—and this extra layer acts as a security blanket, blocking all other users from reading the contents of the encrypted files. Indeed, one of the great benefits of encryption is that only the designated user can access the data. This benefit is also a disadvantage, in that the user must remove encryption before authorized users can access the data.

Note

As discussed previously, you can’t compress encrypted files. The encryption and compression features of NTFS are mutually exclusive. You can use one feature or the other, but not both.

Understanding Encryption and the Encrypting File System

File encryption is supported on a per-folder or per-file basis. Any file placed in a folder marked for encryption is automatically encrypted. Files in encrypted format can be read only by the person who encrypted the file. Before other users can read an encrypted file, the user must decrypt the file.

Every file that’s encrypted has a unique encryption key. This means that an encrypted file can be copied, moved, and renamed just like any other file—and, in most cases, these actions don’t affect the encryption of the data (for details, see the section later in this chapter entitled "Working with Encrypted Files and Folders"). The user who encrypted the file always has access to the file, provided the user’s public-key certificate is available on the computer that he or she is using. For this user the encryption and decryption process is handled automatically and is transparent.

EFS is the process that handles encryption and decryption. The default setup for EFS allows users to encrypt files without needing special permission. Files are encrypted using a public/private key that EFS automatically generates on a per-user basis. The encryption algorithm used is the expanded Data Encryption Standard (DES), which is enforced using 56-bit encryption by default.

Security

For stricter security, North American users can order the Enhanced CryptoPAK from Microsoft. The Enhanced CryptoPAK provides 128-bit encryption. Files that use 128-bit encryption can be used only on a system that supports 128-bit encryption.

Encryption certificates are stored as part of the data in user profiles. If a user works with multiple computers and wants to use encryption, an administrator will need to configure a roaming profile for that user. A roaming profile ensures that the user’s profile data and public-key certificates are accessible from other computers. Without this, users won’t be able to access their encrypted files on another computer.

Security

An alternative to a roaming profile is to copy the user’s encryption certificate to the computers that the user uses. You can do this using the certificate backup and restore process discussed in the section of Chapter 15 entitled "Backing Up and Restoring Encrypted Data and Certificates." Simply back up the certificate on the user’s original computer and then restore the certificate on each of the other computers the user logs on to.

EFS has a built-in data recovery system to guard against data loss. This recovery system ensures that encrypted data can be recovered in the event that a user’s public-key certificate is lost or deleted. The most common scenario for this is when a user leaves the company and the associated user account is deleted. Although a manager might have been able to log on to the user’s account, check files, and save important files to other folders, if the user account has been deleted, encrypted files will be accessible only if the encryption is removed or if the files are moved to a FAT or FAT32 volume (where encryption isn’t supported).

To access encrypted files after the user account has been deleted, you’ll need to use a recovery agent. Recovery agents have access to the file encryption key necessary to unlock data in encrypted files. To protect sensitive data, however, recovery agents don’t have access to a user’s private key or any private key information.

Windows Server 2003 won’t encrypt files without designated EFS recovery agents. For this reason, recovery agents are designated automatically and the necessary recovery certificates are generated automatically as well. This ensures that encrypted files can always be recovered.

EFS recovery agents are configured at two levels:

  • Domain. The recovery agent for a domain is configured automatically when the first Windows Server 2003 domain controller is installed. By default, the recovery agent is the domain administrator. Through Group Policy, domain administrators can designate additional recovery agents. Domain administrators can also delegate recovery agent privileges to designated security administrators.

  • Local computer. When a computer is part of a workgroup or in a stand-alone configuration, the recovery agent is the administrator of the local computer by default. Additional recovery agents can be designated. Further, if you want local recovery agents in a domain environment rather than domain-level recovery agents, you must delete the recovery policy from the group policy for the domain.

You can delete recovery agents if you don’t want them to be used. However, if you delete all recovery agents, EFS will no longer encrypt files. One or more recovery agents must be configured for EFS to function.
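The key arrangement that makes recovery possible without touching the user's private key is easier to see in code than in prose. The following Python block is an added illustration written for this section, not code from the book or from Windows: it models EFS's key hierarchy with a per-file key (the FEK) that is wrapped once for the owner and once for each recovery agent, and refuses to encrypt when no agent is configured, as the text above states. Everything cryptographic in it is a stand-in: toy RSA from small fixed primes replaces the users' real certificates, and a SHA-256 keystream replaces the file cipher. The field names ddf and drf follow the EFS terms Data Decryption Field and Data Recovery Field; the function names are my own.

```python
import hashlib
import os


def toy_rsa_keypair(p, q, e=17):
    """Toy RSA key pair from two small primes (constructed; illustration only,
    keys this small are not secure).  Returns (public, private) as (exponent, n)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse; needs Python 3.8+
    return (e, n), (d, n)


def rsa_wrap(public, key_bytes):
    """Wrap a symmetric key under a public key, one byte per RSA block (toy sizes)."""
    e, n = public
    return [pow(b, e, n) for b in key_bytes]


def rsa_unwrap(private, blocks):
    """Recover a wrapped key with the matching private key."""
    d, n = private
    return bytes(pow(c, d, n) for c in blocks)


def keystream(fek, length):
    """Hash-derived keystream standing in for EFS's file cipher (toy)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(fek + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def file_cipher(fek, data):
    """XOR with the keystream; the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(fek, len(data))))


def efs_encrypt(plaintext, owner_public, recovery_publics):
    """Encrypt one file: a fresh per-file FEK is wrapped for the owner (ddf) and
    once per recovery agent (drf).  Like Windows Server 2003 EFS, refuse to
    encrypt when no recovery agent is configured."""
    if not recovery_publics:
        raise ValueError("no EFS recovery agent configured; refusing to encrypt")
    fek = os.urandom(16)  # unique key per file, as the chapter describes
    return {
        "data": file_cipher(fek, plaintext),
        "ddf": rsa_wrap(owner_public, fek),
        "drf": [rsa_wrap(pub, fek) for pub in recovery_publics],
    }


def efs_decrypt_as_owner(blob, owner_private):
    """The owner unwraps the FEK from the ddf using only the owner's private key."""
    return file_cipher(rsa_unwrap(owner_private, blob["ddf"]), blob["data"])


def efs_recover(blob, agent_private, agent_index=0):
    """A recovery agent unwraps the FEK from its own drf entry.  The owner's
    private key is never needed, which is the property the chapter describes."""
    return file_cipher(rsa_unwrap(agent_private, blob["drf"][agent_index]), blob["data"])


if __name__ == "__main__":
    owner_pub, owner_priv = toy_rsa_keypair(61, 53)   # constructed toy primes
    agent_pub, agent_priv = toy_rsa_keypair(71, 67)   # constructed toy primes
    blob = efs_encrypt(b"quarterly payroll figures", owner_pub, [agent_pub])
    print(efs_decrypt_as_owner(blob, owner_priv))
    print(efs_recover(blob, agent_priv))
```

The model also explains why losing the agent's certificate matters as much as losing the user's: each drf entry is only usable with that agent's private key, so back up the recovery agent's certificate with the same care the Security note above gives to user certificates.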

Encrypting Directories and Files

With NTFS volumes, Windows Server 2003 lets you select files and folders for encryption. When you encrypt files, the file data is converted to an encrypted format that can be read only by the person who encrypted the file. Users can encrypt files only if they have the proper access permissions. When you encrypt folders, the folder is marked as encrypted, but actually only the files within it are encrypted. All files that are created in or added to a folder marked as encrypted are encrypted automatically.

To encrypt a file or directory, complete the following steps:

  1. Right-click the file or directory that you want to encrypt, and then select Properties.

  2. In the General tab of the related property dialog box, click Advanced. Then select the Encrypt Contents To Secure Data check box. Click OK twice.

Note

You can’t encrypt compressed files, system files, or read-only files. If you try to encrypt compressed files, the files are automatically uncompressed and then encrypted. If you try to encrypt system files, you’ll get an error.

For an individual file, Windows Server 2003 marks the file as encrypted and then encrypts it. For a directory, Windows Server 2003 marks the directory as encrypted and then encrypts all the files in it. If the directory contains subfolders, Windows Server 2003 displays a dialog box that allows you to encrypt all the subfolders associated with the directory. Simply select Apply Changes To This Folder, Subfolders, And Files and then click OK.

Note

On NTFS volumes, files remain encrypted even when they’re moved, copied, and renamed. If you copy or move an encrypted file to a FAT or FAT32 drive, the file is automatically decrypted before being copied or moved. Thus, you must have proper permissions to copy or move the file.

Working with Encrypted Files and Folders

Previously, I said that you can copy, move, and rename encrypted files and folders just like any other files, which is true, but I qualified this by saying "in most cases." When you work with encrypted files, you’ll have few problems as long as you work with NTFS volumes on the same computer. When you work with other file systems or other computers, you might run into problems. Two of the most common scenarios are:

  • Copying between volumes on the same computer. When you copy or move an encrypted file or folder from one NTFS volume to another NTFS volume on the same computer, the files remain encrypted. However, if you copy or move encrypted files to a FAT or FAT32 volume, the files are decrypted before transfer and then transferred as standard files. FAT and FAT32 don’t support encryption.

  • Copying between volumes on a different computer. When you copy or move an encrypted file or folder from one NTFS volume to another NTFS volume on a different computer, the files remain encrypted as long as the destination computer allows you to encrypt files and the remote computer is trusted for delegation. Otherwise, the files are decrypted and then transferred as standard files. The same is true when you copy or move encrypted files to a FAT or FAT32 volume on another computer. FAT and FAT32 don’t support encryption.

After you transfer a sensitive file that has been encrypted, you might want to confirm that the encryption is still applied. Right-click the file and then select Properties. In the General tab of the related property dialog box, click Advanced. The Encrypt Contents To Secure Data option should be selected.
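The sequence just described (mark a folder for encryption, check the destination volume type, copy, then confirm that the Encrypted attribute survived the transfer), as an added PowerShell example that is not part of the book. It drives the Cipher.exe utility that ships with Windows Server 2003 and assumes local drive letters, an NTFS source volume and a recovery agent already present in policy; the paths are constructed.

```powershell
# Added example, not from the book. Requires Windows PowerShell on a Windows
# Server 2003 or later host; Cipher.exe refuses to encrypt if no EFS recovery
# agent is designated, which is the policy behaviour the chapter describes.

function Protect-EfsFolder {
    param([string]$Path)
    # /e marks the folder so files added later are encrypted automatically,
    # /s:<dir> applies the change to the folder and its subfolders,
    # /a also encrypts the files already present (the "Apply Changes To This
    # Folder, Subfolders, And Files" choice in the dialog).
    & cipher.exe /e /s:"$Path" /a | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "cipher.exe failed for $Path" }
}

function Test-EfsCapableVolume {
    param([string]$Path)
    # EFS needs NTFS; a copy to a FAT or FAT32 volume arrives decrypted.
    # DriveInfo only understands drive letters, so a UNC path reports $false
    # here and should be checked on the remote computer instead.
    $root = [System.IO.Path]::GetPathRoot($Path)
    try {
        $drive = New-Object System.IO.DriveInfo($root)
        return ($drive.DriveFormat -eq 'NTFS')
    } catch {
        return $false
    }
}

function Get-EfsUnencryptedFile {
    param([string]$Path)
    # Same test as the Advanced attributes dialog, but for every file in the
    # tree: any path returned was decrypted somewhere along the way.
    Get-ChildItem -Path $Path -Recurse |
        Where-Object { -not $_.PSIsContainer } |
        Where-Object { ($_.Attributes -band [System.IO.FileAttributes]::Encrypted) -eq 0 } |
        ForEach-Object { $_.FullName }
}

# Usage with constructed paths: protect, copy, and confirm nothing arrived in the clear.
$source      = 'C:\Finance\Secret'
$destination = 'E:\Archive\Secret'
Protect-EfsFolder -Path $source
if (-not (Test-EfsCapableVolume -Path $destination)) {
    Write-Warning "$destination is not on an NTFS volume; files would be decrypted on copy"
}
Copy-Item -Path $source -Destination $destination -Recurse
$leaked = @(Get-EfsUnencryptedFile -Path $destination)
if ($leaked.Count -gt 0) { Write-Warning "Unencrypted after copy: $($leaked -join ', ')" }
```

Run the check with the account that performed the copy; a file that was decrypted because the destination computer is not trusted for delegation shows up here exactly like one that landed on FAT32.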

Configuring Recovery Policy

Recovery policies are configured automatically for domain controllers and workstations. By default, domain administrators are the designated recovery agents for domains and the local administrator is the designated recovery agent for a stand-alone workstation.

Through the Group Policy console, you can view, assign, and delete recovery agents. To do that, follow these steps:

  1. Access the Group Policy console for the local computer, site, domain, or organizational unit you want to work with. For details on working with Group Policy, see the section entitled "Group Policy Management" in Chapter 4.

  2. Access the Encrypted Data Recovery Agents node in Group Policy. To do this, expand Computer Configuration, Windows Settings, Security Settings, and Public Key Policies and then select Encrypting File System.

  3. As shown in Figure 11-11, the right-hand pane lists the recovery certificates currently assigned. Recovery certificates are listed according to whom they are issued, who issued them, expiration date, purpose, and more. In the figure, the administrator self-issued the certificate for the purpose of file recovery (it’s a recovery certificate for the local administrator).

    Figure 11-11. You use the Encrypting File System node to view, assign, and delete recovery agents in Group Policy.

  4. To designate an additional recovery agent, right-click Encrypting File System and then select Add Data Recovery Agent. This starts the Add Recovery Agent Wizard, which you can use to select a previously generated certificate that has been assigned to a user and mark it as a designated recovery certificate. Click Next.

  5. In the Select Recovery Agents page, click Browse Directory and then use the Find Users, Contacts, And Groups dialog box to select the user you want to work with.

    Security

    Before you can designate additional recovery agents, you must set up a root Certificate Authority (CA) in the domain. Afterward, you must use the Certificates snap-in to generate a personal certificate that uses the EFS Recovery Agent template. The root CA must then approve the certificate request so that the certificate can be used.

  6. To delete a recovery agent, select the recovery agent’s certificate in the right pane and then press Delete. When prompted to confirm the action, click Yes to permanently and irrevocably delete the certificate. If the recovery policy is empty (meaning that it has no other designated recovery agents), EFS will be turned off so that files can no longer be encrypted.

Decrypting Files and Directories

If you decide later that you want to decrypt a file or directory, reverse the process by completing the following steps:

  1. Right-click the file or directory in Windows Explorer.

  2. In the General tab of the related property dialog box, click Advanced. Clear the Encrypt Contents To Secure Data check box. Click OK twice.

With files, Windows Server 2003 decrypts the file and restores it to its original format. With directories, Windows Server 2003 decrypts all the files within the directory. If the directory contains subfolders, you’ll also have the opportunity to remove encryption from the subfolders. To do this, select Apply Changes To This Folder, Subfolders, And Files when prompted and then click OK.

Tip

Windows Server 2003 also provides a command-line utility for encrypting and decrypting your data. This utility is called Cipher (Cipher.exe). Typing cipher at the command prompt by itself shows you the encryption status of all folders in the current directory.

Recovering Disk Space

Disk Cleanup is a utility that examines disk drives for files that aren’t needed or that could be compressed. By default, Disk Cleanup examines temporary files, the Recycle Bin, and catalogs used by the Content Indexer to see if there are files that can be deleted. Disk Cleanup also examines files that haven’t been used in a while and recommends that they be compressed. Compressing old files can save a considerable amount of disk space.

You can work with Disk Cleanup by completing the following steps:

  1. In Windows Explorer or Disk Management, right-click the drive that you want to clean up, and then select Properties.

  2. Click Disk Cleanup. Disk Cleanup then examines the selected drive, looking for temporary files that can be deleted and for files that are candidates for compression. The more files on the drive, the longer the search process takes.

  3. When Disk Cleanup finishes, you’ll see a report detailing the data that can possibly be cleaned up.

  4. Use the check boxes provided in the Files To Delete list to choose the files that you want to clean up, and then click OK. When prompted to confirm the action, click Yes.
