Even with the large disk drives available today, you'll often find that hard disk space is at a premium, and this is where disk quotas come in handy. Disk quotas are a built-in feature of NTFS that help you manage and limit disk space usage.
Using disk quotas, you can monitor and control the amount of disk space people who access the network can use. Without quota management it is hard to monitor the amount of space being used by individual users and even harder to control the total amount of space they can use. I refer to monitoring and controlling separately because there's a very important difference between monitoring disk space usage and controlling it—and the disk quota system allows you to perform these tasks separately or together. You can, in fact, do the following:
Configure the disk quota system to monitor disk space usage only, allowing administrators to check disk space usage manually
Configure the disk quota system to monitor disk space usage and generate warnings when users exceed predefined usage levels
Configure the disk quota system to monitor disk space usage, generate warnings when users exceed predefined usage levels, and enforce the limits by denying disk space to users who exceed the quota limit
Your organization's culture will probably play a major role in the disk quota technique you use. In some organizations the culture is such that it is acceptable to monitor space usage and periodically notify users that they are over recommended limits, but it wouldn't be well received if administrators enforced controls that limited disk space usage to specific amounts. In other organizations, especially larger organizations where there might be hundreds or thousands of employees on the network, it can make sense to have some controls in place and users might be more understanding of specific controls. Controls at some point become a matter of necessity to help ensure that the administrative staff can keep up with the disk space needs of the organization.
Disk quotas are configured on a per-volume basis. When you enable disk quotas, all users who store data on a volume will be affected by the quota. You can set exceptions for individual users as well that either set new limits or remove the limits all together. As users create files and folders on a volume, an ownership flag is applied that says that this particular user owns the file or folder. Thus, if a user creates a file or folder on a volume that user is the owner of, the file or folder and the space used counts toward the user's quota limit. However, because each volume is managed separately, there is no way to set a specific limit for all volumes on a server or across the enterprise.
Note
For NTFS compressed files and sparse files, the space usage reported can reflect total space of files rather than the actual space the files use. This happens because the quota system reads the total space used by the file rather than its reduced file size.
Ownership of files and folders can change in several scenarios. If a user creates a copy of a file owned by someone else, the copy is owned by that user. This occurs because a file is created when the copy is made. File and folder ownership can also change when files are restored from backup. This can happen if you restore the files to a volume other than the one the files were created on and copy the files over to the original volume. Here, during the copy operation, the administrator becomes the owner of the files. A workaround for this is to restore files and folders to a different location on the same volume and then move the files and folders rather than copying them. When you move files and folders from one location to another on the same volume, the original ownership information is retained.
Administrators can be assigned as the owner of files in other ways as well, such as when they install the operating system or application software. To ensure that administrators can always install programs, restore data, and perform other administrative tasks, members of the Administrators group don't have a quota limit as a general rule. This is true even when you enforce disk quotas for all users. In fact, for the Administrators group, the only type of quota you can set is a warning level that warns administrators when they've used more than a set amount of space on a volume. When you think about it, this makes a lot of sense—you don't want to get into a situation where administrators can't recover the system because of space limitations.
That said, you can apply quotas to individual users—even those who are members of the Administrators group. You do this by creating a separate quota entry for each user. The only account that cannot be restricted in this way is the built-in Administrator account. If you try to set a limit on the Administrator account, the limit is not applied.
Finally, it is important to note that all space used on a volume counts toward the disk quota—even space used in the Recycle Bin. Thus, if a user who is over the limit deletes files to get under the limit, the disk quota might still give warnings or if quotas are enforced, the user still might not be able to write files to the volume. To resolve this issue, the user would need to delete files and then empty the Recycle Bin.
By default, disk quotas are disabled. If you want to use disk quotas, you must enable quota management for each volume on which you want to use disk quotas. You can enable disk quotas on any NTFS volume that has a drive letter or a mount point. Before you configure disk quotas, think carefully about the limit and warning level. Set values that make the most sense given the number of users that store data on the volume and the size of the volume. For optimal performance of the volume, you won't want to get in a situation where all or nearly all of the disk space is allocated. For optimal user happiness, you want to ensure the warning and limit levels are adequate so the average user can store the necessary data to perform job duties. Quota limits and warning levels aren't one size fits all either. Engineers and graphic designers can have very different space needs than a typical user. In the best situations you'll have configured network shares so that different groups of users have access to different volumes, and these volumes should be sized to meet the typical requirements of a particular group.
In some organizations, I've seen administrators set very low quota limits and warning levels on data shares. The idea behind this was that the administrators wanted users to save most of their data on their workstations and only put files that needed to be shared on the data shares. I would discourage this for two reasons. Low quota limits and warning levels frustrate users— you don't want frustrated users; you want happy users. Second, you should be encouraging users to store more of their important files on central file servers, not less. Central file servers should be a part of regular enterprise-wide backup routines because corporate servers and backing up data safeguards it from loss. In addition, with the Volume Shadow Copy service, shadow copies of files on shared folders can be created automatically, allowing users to perform point-in-time file recovery without needing help from administrators.
To enable disk quotas on an NTFS volume, follow these steps:
In Computer Management, expand Storage, and then select Disk Management. In the details pane, right-click the volume on which you want to enable quotas, and then select Properties.
Choose the Quota tab, and then choose Enable Quota Management as shown in Figure 20-10.
Define a default disk quota limit for all users by selecting Limit Disk Space To and then using the fields provided to set a limit in KB, MB, GB, TB, PB, or EB. Afterward, use the Set Warning Level To field to set the default warning limit. In most cases, you'll want the disk quota warning limit to be 90 to 95 percent of the disk quota limit. This should give good separation between when warnings occur and when the limit is reached.
To prevent users from going over the disk quota limit, select Deny Disk Space To Users Exceeding Quota Limit. This sets a physical limitation for users that will prevent them from writing to the volume once the limit is reached.
NTFS sends warnings to users when they reach a warning level or limit. To ensure that you have a record of these warnings, you can configure quota logging options. Select the Log Event options as appropriate.
Click OK. If the quota system isn't currently enabled, you'll see a prompt asking you to enable the quota system. Click OK to allow Windows Server 2003 to rescan the volume and update the disk usage statistics. Keep in mind that actions might be taken against users who exceed the current limit or warning levels, which can include preventing additional writing to the volume, notifying users the next time they try to access the volume that they've exceeded a warning level or have reached a limit, and logging applicable events in the Application log.
Once you enable disk quotas, the configuration is set for and applies to all users who store data on the volume. The only exception, as noted previously, is for members of the Administrators group. The default disk quotas don't apply to these users. If you want to set a specific quota limit or warning level for an administrator, you can do this by creating a custom quota entry for that particular user account. You can also create custom quota entries for users who have special needs, requirements, or limitations.
To view and work with quota entries access Disk Management, right-click the volume on which you enabled quotas, and then select Properties. In the Properties dialog box for the disk, select the Quota tab, and then click Quota Entries. You'll then see a list of quota entries for everyone who has ever stored data on the volume, as shown in Figure 20-11. The entries show the following information:
Status The status of the disk entries. Normal status is OK. If a user has reached a warning level, the status is Warning. If a user is at or above the quota limit, the status is Above Limit.
Name The display name of the user account.
Logon Name The logon name and domain (if applicable).
Amount Used The amount of disk space used by the user.
Quota Limit The quota limit set for the user.
Warning Level The warning level set for the user.
Percent Used The percentage of disk space used toward the limit.
Quota entries get on the list in one of two ways: either automatically if a user has ever stored data on the volume or by an administrator creating a custom entry for a user. You can customize any of these entries—even the ones automatically created—by double-clicking them, which displays the Quota Settings For dialog box shown in Figure 20-12, and selecting the appropriate options either to remove the disk quota limits or set new ones.
Note
You can't create quota entries for groups. The only group entry that is allowed is the one for the Administrators account, which is created automatically.
If a user doesn't have an entry in the Quota Entries For dialog box, it means that user has not yet saved files to the volume. You can still create a custom entry for the user if you want. To do this, click Quota, New Quota Entry. This displays the Select Users dialog box shown in Figure 20-13. Use this dialog box to help you find the user account you want to work with. Type the name of the user account or part of the name, and click Check Names. If multiple names match the value you entered, you'll see a list of names and will be able to choose the one you want to use. Otherwise, the name will be filled in for you, and you can click OK to display the Add New Quota Entry dialog box, which has the same options as the Quota Settings For dialog box shown in Figure 20-12.
Tip
Use Locations to access user accounts from other domains
By default, the Select Users dialog box is set to work with users from your logon domain. If you want to add a user account from another domain, click Locations to display the Locations dialog box. Then either select the entire directory or the specific domain in which the account is located, and click OK.
In the Quota Entries dialog box, there are a couple of tricks you can use to add or manage multiple quota entries at once. If you want to add identical quota entries for multiple users, you can do this by clicking Quota, New Quota Entry. This displays the Select Users dialog box. Click Advanced to display the advanced Select Users dialog box, as shown in Figure 20-14.
You can now search for users by name and description or by clicking Find Now without entering any search criteria to display a list of available users from the current location. You can select any of the users listed. Select multiple user accounts by holding down the Ctrl key and clicking each account you want to select or by holding down the Shift key, selecting the first account name, and then clicking the last account name to choose a range of accounts. Click OK twice, and then use the Add New Quota Entry dialog box to configure the quota options for all the selected users.
To manage multiple quota entries simultaneously, access the Quota Entries dialog box, then select the entries by holding down the Ctrl key and clicking each entry you want to select or by holding down the Shift key, selecting the first entry, and then clicking the last entry to choose a range of entries. Afterward, right-click one of the selected entries, and then click Properties. You'll then be able to configure quota options for all the selected entries at once.
Users are notified that they have reached a warning level or quota limit when they access the volume on which you've configured disk quotas. As an administrator, you'll want to check for quota violations periodically, and there's several ways you can do this. One way is to access Disk Management, right-click the volume that you want to check on, and then select Properties. In the Properties dialog box for the disk, select the Quota tab, and then click the Quota Entries button. You can then check the current disk usage of users and see whether there are any quota violations. You can also copy selected entries to the Clipboard by pressing Ctrl+C and then pasting them into other applications, such as Microsoft Excel, using Ctrl+V to help you create reports or lists of disk space usage.
You can check quota entries from the command line as well. Type fsutil quota query DriveDesignator at the command prompt, where DriveDesignator is the drive letter of the volume followed by a colon, such as D:. If disk quotas are enabled on the volume, you'll then get a summary of the disk quota settings on the volume, as follows:
FileSystemControlFlags = 0x00000032
Quotas are tracked and enforced on this volume
Logging enable for quota limits and threshold
The quota values are up to date
Default Quota Threshold = 0x0000000038400000
Default Quota Limit = 0x0000000040000000
SID Name = [email protected]
Change time = Sat Dec 26 23:02:44 2004
Quota Used = 528164252
Quota Threshold = 943718400
Quota Limit = 1073741824
SID Name = [email protected]
Change time = Sat Dec 26 23:02:44 2004
Quota Used = 627384956
Quota Threshold = 943718400
Quota Limit = 1073741824In this example, disk quotas are tracked and enforced on the volume, logging is enabled for both quota limits, and the warning levels and the disk quota values are current. In addition, the default warning limit (listed as the quota threshold) is set to 900 MB (0 × 038400000 bytes) and the default quota limit is set to 1 GB (0 × 040000000 bytes).
The disk quota summary is followed by the individual disk quota entries for each user that has stored data on the volume or has a custom entry regardless of whether the user has ever written data to the volume. The entries show the following information:
SID Name The logon name and domain of user accounts or the name of a built-in or well-known group that has a quota entry.
Change Time The last time the quota entry was changed or updated.
Quota Used The amount of space used in bytes.
Quota Threshold The current warning level set for the user in bytes.
Quota Limit The current quota limit set for the user in bytes.
When you configure disk quotas, you also have the option of logging two types of events in the system logs. One for when a user exceeds the quota limit and another for when a user exceeds the warning level. By default, quota violations are written to the system log once an hour, so if you checked the logs periodically, you could see events related to any users who have disk quota violations. It's much easier to check for quota violations from the command line, however. Simply type fsutil quota violations at the command prompt, and the FSUTIL QUOTA command will check the system and application event logs for quota violations.
Note
Wondering why FSUTIL QUOTA VIOLATIONS checks the system and application logs? Well, in some cases, quota violations for programs running under user accounts are logged in the application log rather than the system log. So, to ensure all quota violations are checked for, FSUTIL QUOTA VIOLATIONS checks both logs.
If there are no quota violations found, the output is similar to the following:
Searching in System Event Log... Searching in Application Event Log... No quota violations detected
If there are quota violations, the output shows the event information related to each violation. In the following example, a user reached the warning level (listed as the quota threshold):
Searching in System Event Log...
**** A user hit their quota threshold ! ****
Event ID : 0x40040024
EventType : Information
Event Category : 2
Source : Ntfs
User: BUILTINAdministrators
Data: D:
Searching in Application Event Log...As you can see, the output shows you the event ID, type, category, and source. It also shows the user who violated the disk quota settings and the volume on which the violation occurred.
Inside Out: You can change the notification interval for quota violations
As mentioned previously, quota violations are written to the event logs once an hour by default. You can check or change this behavior using the FSUTIL BEHAVIOR command. Keep in mind, however, that any changes you make apply to all volumes on the system that use disk quotas. To check the notification interval, type fsutil behavior query quotanotify. If the notification interval has been set by you or another administrator, the notification interval is shown in seconds. To set the notification interval, type fsutil behavior set quotanotify Interval, where Interval is the notification interval you want to set expressed as the number of seconds. For example, if you want to receive less-frequent notifications, you might want to set the notification interval to 7200 seconds (2 hours), and you would do this by typing fsutil behavior set quotanotify 7200.
If you want to use the same quotas on more than one NTFS volume, you can do this by exporting the quota entries from one volume and importing them on another volume. When you import quota entries, if there isn't a quota entry for the user already, a quota entry will be created. If a user already has a quota entry on the volume, you'll be asked if you want to overwrite it.
To export and import quota entries, access Disk Management, right-click the volume on which you want to enable quotas, and then select Properties. In the Properties dialog box for the disk, select the Quota tab, and then click the Quota Entries button. You'll then see the Quota Entries dialog box. Select Export from the Quota menu. This displays the Export Quota Settings dialog box.
Use the Save In selection list to choose the save location for the file containing the quota settings, and then set a name for the file using the File Name field. Afterward, click Save.
Next, access the Quota Entries dialog box for the drive on which you want to import settings. Select Import on the Quota menu. Then, in the Import Quota Settings dialog box, select the quota settings file that you saved previously. Click Open.
If prompted about whether you want to overwrite an existing entry, click Yes to replace an existing entry or click No to keep the existing entry. Select Do This For All Quota Entries prior to clicking Yes or No to use the same option for all existing entries.