Understanding file screening and storage reporting
Managing file screening and storage reporting
The Windows Server 2012 R2 operating system provides a robust environment for working with files and folders. For maximum control and flexibility, you’ll usually format volumes with the NTFS file system. NTFS gives you many advanced options, including the option to configure file screening and storage reporting, which are available when you add the File Server Resource Manager role service to a server as part of the File Services role.
When you work with NTFS volumes, file screening is another tool you can use in your effort to keep networks safe from malicious programs and block unauthorized types of content. You can use file screening in conjunction with quotas and storage reports. By using file screening, you can monitor and block the use of certain types of files. You can configure file screening in one of two modes:
Active screening. Does not allow users to save unauthorized files.
Passive screening. Allows users to save unauthorized files but monitors or warns about using the files (or both).
You actively or passively screen files by defining a file screen. All file screens have a file-screen path, which is a folder that defines the base file path to which the screen is applied. Screening applies to the designated folder and all subfolders of the designated folder. The particulars of how screening works and what is screened are derived from a source template that defines the file screen’s properties.
Windows Server 2012 R2 includes the file-screen templates listed in Table 20-1. By using File Server Resource Manager, you can easily define additional templates to use when you define file screens or you can set single-user, custom file-screen properties when defining the file screen.
Table 20-1. File-screen templates
File-Screen Template Name | Screening Type | File-Group Action |
|---|---|---|
Active | Block: Audio and Video Files | |
Block E-Mail Files | Active | Block: E-Mail Files |
Block Executable Files | Active | Block: Executable Files |
Block Image Files | Active | Block: Image Files |
Monitor Executable And System Files | Passive | Warn: Executable Files, System Files |
File-screen templates or custom properties define the following:
Screening type: active or passive
File groups to which screening is applied
Notifications using email, an event log, a command, a report, or any combination of these
Table 20-2 lists the standard file groups for screening. Each file group has a predefined set of files to which it applies. You can modify the included file types and create additional file groups by using File Server Resource Manager.
Table 20-2. File-screen groups and the file types to which they apply
File Group | Applies To |
|---|---|
Audio and video files | .aac, .aif, .aiff, .asf, .asx, .au, .avi, .flac, .m3u, .mid, .midi, .mov, .mp1, .mp2, .mp3, .mp4, .mpa, .mpe, .mpeg, .mpeg2, .mpeg3, .mpg, .ogg, .qt, .qtw, .ram, .rm, .rmi, .rmvb, .snd, .swf, .vob, .wav, .wax, .wma, .wmv, .wvx |
Backup files | .bak, .bck, .bkf, .old |
Compressed files | .ace, .arc, .arj, .bhx, .bz2, .cab, .gz, .gzip, .hpk, .hqx, .jar, .lha, .lzh, .lzx, .pak, .pit, .rar, .sea, .sit, .sqz, .tgz, .uu, .uue, .z, .zip, .zoo |
Email files | .eml, .idx, .mbox, .mbx, .msg, .ost, .oft, .pab, .pst |
Executable files | .bat, .cmd, .com, .cpl, .exe, .inf, .js, .jse, .msh, .msi, .msp, .ocx, .pif, .pl, .ps1, .scr, .vb, .vbs, .wsf, .wsh |
Image files | .bmp, .dib, .eps, .gif, .img, .jfif, .jpe, .jpeg, .jpg, .pcx, .png, .ps, .psd, .raw, .rif, .spiff, .tif, .tiff |
.accdb, .accde, .accdr, .accdt, .adn, .adp, .doc, .docm, .docx, .dot, .dotm, .dotx, .grv, .gsa, .gta, .mad, .maf, .mda, .mdb, .mde, .mdf, .mdm, .mdt, .mdw, .mdz, .mpd, .mpp, .mpt, .obt, .odb, .one, .onepkg, .pot, .potm, .potx, .ppa, .ppam, .pps, .ppsm, .ppsx, .ppt, .pptn, .pptx, .pub, .pwz, .rqy, .rtf, .rwz, .sldm, .sldx, .slk, .thmx, .vdx, .vsd, .vsl, .vss, .vst, .vsu, .vsw, .vsx, .vtx, .wbk, .wri, .xla, .xlam, .xlb, .xlc, .xld, .xlk, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlv, .xlw, .xsf, .xsn | |
System files | .acm, .dll, .ocx, .sys, .vxd |
Temporary files | .temp, .tmp, ~* |
Text files | .asc, .text, .txt |
Webpage files | .asp, .aspx, .cgi, .css, .dhtml, .hta, .htm, .html, .mht, .php, .php3, .shtml, .url |
You can generate storage reports as part of quota and file-screening management. Table 20-3 provides a summary of the standard storage reports and their purposes. By using one of the standard storage reports, you can generate three general types of storage reports:
Incident reports. Generated automatically when a user tries to save an unauthorized file or when a user exceeds a quota
Scheduled reports. Generated periodically based on a scheduled report task
On-demand reports. Generated manually upon request
Table 20-3. Standard storage reports
Report Name | Description |
|---|---|
Lists files that appear to be duplicates based on the file size and last modification time. It helps reclaim wasted space resulting from duplication. | |
File Screening Audit | Lists file-screening audit events on the server for a specified period. It helps identify users and applications that violate screening policies. You can set report parameters to filter events based on the user and the minimum days since the screening event occurred. |
Files By File Group | Lists files by file group, such as Compressed Files, Executable Files, or Office Files. It helps identify usage patterns and types of files that are using large amounts of disk space. You can set report parameters to include or exclude specific file groups. |
Files By Owner | Lists files by users who own them. It helps identify users who use large amounts of disk space. You can set report parameters to include or exclude specific users and specific files by name pattern. |
Files By Property | Lists files by a particular classification property. It helps track classification patterns and general usage of classification properties. |
Folders By Property | Lists folders by a particular classification property. It helps track classification patterns and general usage of classification properties. |
Large Files | Lists files that are of a specified size or larger. It helps identify file-classification usage patterns. You can set report parameters to generate a report about a specified classification property. You can include and exclude files only by name pattern. |
Least Recently Accessed Files | Lists files that haven’t been accessed recently. It helps identify files that you might be able to delete or archive. You can set report parameters to define what constitutes a least recently used file. By default, any file that hasn’t been accessed in the past 90 days is considered a least recently used file. You can also include or exclude specific files by name pattern. |
Most Recently Accessed Files | Lists files that have been accessed recently. It helps identify frequently used files. You can set report parameters to define what constitutes a most recently used file. By default, any file that has been accessed within the past seven days is considered a most recently used file. You can also include or exclude specific files by name pattern. |
Quota Usage | Lists the quotas that exceed a minimum quota usage value. It helps identify file usage according to quotas. You can set report parameters to define the quotas that should be included according to the percentage of the quota limit used. For example, you might want to report when 75 percent of the quota limit has been reached. |
You manage file screening and storage reporting by using the File Server Resource Manager console. This console is installed and available on the Tools menu in Server Manager when you add the File Server Resource Manager role service to the server as part of the File And Storage Services role. When you select the File Server Resource Manager node in the console, you see five additional nodes (as shown in Figure 20-1):
Quota Management. Used to manage the quota features of Windows Server 2012 R2; discussed in Chapter 16
File Screening Management. Used to manage the file-screening features of Windows Server 2012 R2; discussed in this chapter
Storage Reports Management. Used to manage the storage-reporting features of Windows Server 2012 R2; discussed in this chapter
Classification Management. Used to manage the file-classification features of Windows Server 2012 R2
File Management Tasks. Used to find subsets of files and then manage the files in some way
File-screening and storage-reporting management can be divided into the following key areas:
Global options. Control global settings for file-server resources, including email notification, storage-report default parameters, report locations, file-screen auditing, and access-denied assistance
File groups. Control the types of files to which screens are applied
File-screen templates. Control screening properties (screening type: active or passive; file groups to which screening is applied; notifications: email, event log, or both)
File screens. Control file paths that are screened
File-screen exceptions. Control file paths that are screening exceptions
Report generation. Controls whether and how storage reports are generated
The following sections discuss each of these management areas.
You use global file-resource options to configure email notification, storage-report default parameters, report locations, and file-screen auditing. You should configure these global settings prior to configuring quotas, file screens, and storage reporting.
Notifications and storage reports are emailed through a Simple Mail Transfer Protocol (SMTP) server. For this process to work, you must designate which organizational SMTP server to use, default administrative recipients, and the From address to be used in mailing notifications and reports. To configure these settings, follow these steps:
Open File Server Resource Manager. On the Action menu or in the Actions pane, tap or click Configure Options. This opens the File Server Resource Manager Options dialog box with the Email Notifications tab selected by default, as shown in Figure 20-2.
In the SMTP Server Name Or IP Address text box, type the fully qualified domain name of the organization’s mail server, such as MailServer48.cpandl.com, or type the IP address of this server, such as 192.168.10.52.
In the Default Administrator Recipients field, type the email address of the default administrator for notification, such as [email protected]. Typically, you want this to be a separate mailbox that is monitored by an administrator or a distribution group that goes to the specific administrators responsible for file-server resource management. You can also enter multiple email addresses. Be sure to separate each email address with a semicolon.
In the Default “From” E-Mail Address field, type the email address you want the server to use in the From field of notification messages. Remember, both users and administrators can receive notifications.
To test the settings, tap or click Send Test E-Mail. The test email message should be delivered to the default administrator recipients almost immediately. If it isn’t, check to be sure that the email addresses used are valid and that the From email address is acceptable to the SMTP server as a valid sender.
Tap or click OK.
When a quota is exceeded or an unauthorized file is detected, File Server Resource Manager sends a notification to administrators by performing one or more of the following actions:
Sending an email message to the user who attempted to save an unauthorized file, to a designated list of administrators, or to both
Recording a warning message in the event logs
Executing a command that performs administrative tasks under the LocalService, NetworkService, or LocalSystem account
Generating one or more notification reports and optionally sending those reports to an authorized list of recipients
To reduce the number of notifications, you can set notification limits that specify a period of time that must elapse before a subsequent notification of the same type is raised for the same issue. The default notification limit for email notification, event log notification, command notification, and report notification is 60 minutes.
You can configure notification limits by following these steps:
Open File Server Resource Manager. On the Action menu or in the Actions pane, tap or click Configure Options.
In the File Server Resource Manager Options dialog box, tap or click the Notification Limits tab.
You can now configure limits for the following types of notifications:
Email Notification. Sets the interval between email notifications
Event Log Notification. Sets the interval between event-log notifications
Command Notification. Sets the interval between command notifications
Report Notification. Sets the interval between report notifications
Tap or click OK to save your settings.
Each storage report has a default configuration you can review and modify by using File Server Resource Manager Options. Default parameter changes apply to all future incident reports and any existing report tasks that use the default configuration. You can override the default settings as necessary if you subsequently schedule a report task or generate a report on demand.
You can access the standard storage reports and change their default parameters by following these steps:
Open File Server Resource Manager. On the Action menu or in the Actions pane, tap or click Configure Options.
In the File Server Resource Manager Options dialog box, tap or click the Storage Reports tab.
To review a report’s current settings, select the report name in the Reports list and then tap or click Review Reports.
To modify a report’s default parameters, select the report name in the Reports list and then tap or click Edit Parameters. You can then modify the report parameters as necessary.
When you finish, tap or click Close or OK as appropriate.
By default, incident, scheduled, and on-demand reports are stored on the server on which notification is triggered in separate subfolders under %SystemDrive%StorageReports. You can review or modify this configuration by following these steps:
Open File Server Resource Manager. On the Action menu or in the Actions pane, tap or click Configure Options.
In the File Server Resource Manager Options dialog box, tap or click the Report Locations tab.
The report folders currently in use are listed under Report Locations. To specify a different local folder for a particular report type, type a new folder path or tap or click Browse to search for the folder path you want to use.
Tap or click OK.
By running a file screen auditing report, you can record file-screening activity in an auditing database for later review. This auditing data is tracked on a per-server basis, so the server on which the activity occurs is the one on which the activity is audited. To enable or disable file-screen auditing, follow these steps:
Open File Server Resource Manager. On the Action menu or in the Actions pane, tap or click Configure Options.
In the File Server Resource Manager Options dialog box, tap or click the File Screen Audit tab.
To enable auditing, select the Record File Screening Activity In Auditing Database check box.
To disable auditing, clear the Record File Screening Activity In Auditing Database check box.
You use the classification rules and properties to classify files based on location, type, and content. Classification properties are values that you want to assign to files and folders. Classification rules assign classification properties to files. Each classification rule is used to assign a specific classification property to designated folders and their contents. Two types of properties can be created:
Local properties. Properties defined on a specific server, using File Server Resource Manager
Global properties. Properties defined in Active Directory, using Active Directory Administrative Center
Each classification rule you define has a specific scope. By default, classification rules apply to all files of any type within designated folders and their subfolders. You can limit the rule by assigning the rule to the lowest-level folders to which the rule should be applied. For example, rather than assigning the rule to a drive root, such as C:, you could set the rule on the C:Data, C:SharesEngineering, and C:Reports folders. You can further limit the scope of the rule by applying it only to specific types of files, such as only user and group files.
The classification methods you can use include the following:
Folder Classifier. Classifies files according to folder. When you use this classifier, every file in the designated folder (and in its subfolders) is assigned the classification property associated with the rule.
Content Classifier. Classifies files according to search strings and regular expression patterns. When you use this classifier, any file containing all specified search strings and matching all specified regular expression patterns is assigned the classification property associated with the rule. The more complex your content classifier, the longer it takes to parse and assign the classification.
Windows PowerShell Classifier. Classifies files by using Windows PowerShell scripts. Because scripts are entered directly as part of the classification parameters, you should test the scripts on a subset of data or a specific test set before applying.
Generally, classification rules are applied to files only when applications or file management tasks query their classification properties. Because processing classification rules at the time of a request might slow down performance, you typically want to classify files automatically beforehand. To do this, you create a schedule for automatic classification by using File Server Resource Manager.
Automatic classification can be scheduled to run weekly at a specific day and time, such as Sunday at 3:30 A.M., or monthly on a specific day of the month, such as the fifth day of every month.
Following this, you can configure classification by doing the following:
Create classification properties that you want to assign to files by using either File Server Resource Manager or Active Directory Administrative Center.
Create local properties in File Server Resource Manager. Under Classification Management, select Classification Properties to view currently defined properties. To create a local property, press and hold or right-click Classification Properties in the left pane, select Create Local Property, and then use the options provided to set the property type and value.
Create global properties in Active Directory Administrative Center. Under Dynamic Access Controls, select Resource Properties to view currently defined global properties and their enabled or disabled status. To create a global property, under Tasks, select New, select Resource Property, and then use the options provided to set the property type and value.
In File Server Resource Manager, create one or more classification rules for each classification property. Under Classification Management, select Classification Rules to view currently defined rules. To create a rule, press and hold or right-click Classification Rules in the left pane, select Create Classification Rule, and then use the options provided to define the rule.
In File Server Resource Manager, schedule automatic classification to pre-assign classification properties as appropriate. Under Classification Management, select Classification Rules and then select Configure Classification Schedule. You can now view the current classification schedule or define a new one.
In Group Policy, you can configure Access-Denied Assistance policies to help users determine who to contact if they have trouble accessing files. When you enable and configure Access-Denied Assistance policies, you can customize Access Denied errors with additional help text, links to help pages or documents, and an email address for requesting help.
To enable Access-Denied Assistance for all file types, configure Enable Access-Denied Assistance On Client For All File Types as Enabled and then customize Access Denied errors by enabling and configuring Customize Message For Access Denied Errors. As discussed in Chapter 19 these policies are found in the Administrative Templates policies for Computer Configuration under SystemAccess-Denied Assistance.
When you add the File Server Resource Manager role to a file server, you can configure Access-Denied Assistance through File Server Resource Manager and then you can use its standard-message and request-assistance options to configure Access-Denied Assistance quickly. The standard assistance message is similar to the one shown in Figure 20-3. The standard message includes a clickable link to Microsoft Support. You can easily modify the standard message.
To configure Access-Denied Assistance by using File Server Resource Manager, follow these steps:
Open File Server Resource Manager. On the Action menu or in the Actions pane, tap or click Configure Options.
In the File Server Resource Manager Options dialog box, tap or click the Access-Denied Assistance tab, as shown in Figure 20-4.
Select the Enable Access-Denied Assistance check box. You can modify the standard message by typing directly into the editable box provided on the Access-Denied Assistance tab. For example, you might want to replace the link to Microsoft Support with a link to your organization’s help desk, as I’ve done here. When creating your message, keep the following in mind:
The message is standard text except for the <a> </a> tags. The begin and end anchor tags are the only acceptable HTML.
You can enter multiple anchor tags. Each <a> tag can have its own hypertext reference, and any text placed between the <a> tag and the </a> tag becomes a clickable hypertext link.
If you want users to be able to request assistance by sending an email message to a predesignated administrator, tap or click Configure Email Requests and then select Enable Users To Request Assistance, as shown in Figure 20-5. Typically, you want to include user information (including user claims) and device state information (including device claims), which is why these options are selected by default.
In the Recipient List, enter a semicolon-separated list of recipients for the email request. However, rather than entering the email addresses of specific people, you might want to enter the email address for a distribution group. In this way, you can manage recipients by adding or removing group members rather than by editing the Access-Denied Assistance configuration.
By default, the email request also is sent to the folder owner and the Administrator account. If you have a specific team handling access assistance and you already provided the email address in the Recipient List, you might want to clear these options. Otherwise, accept the default selections.
Next, use the text box provided to customize the text added to the end of the email message. As before, this is standard text that can be modified as necessary and can include hypertext links.
By default, email requests are logged in the Application event log. If you don’t want related events to be logged, clear the Generate An Event Log Entry For Each Email Sent check box.
Tap or click OK.
You use file groups to designate sets of similar file types to which screening can be applied. In File Server Resource Manager, you can view the currently defined file-screening groups by expanding the File Server Resource Manager and File Screening Management nodes and then selecting File Groups. Table 20-2, shown previously, lists the default file groups and the included file types.
You can modify existing file groups by following these steps:
Open File Server Resource Manager. Expand the File Server Resource Manager and File Screening Management nodes and then select File Groups.
Currently defined file groups are listed along with included and excluded files.
To modify file-group properties, double-tap or double-click the file-group name. This opens a Properties dialog box similar to the one shown in Figure 20-6.
In the Files To Include text box, type the file name extension of an additional file type to screen, such as .pdf, or the file name pattern, such as Archive*.*. Tap or click Add. Repeat this step to specify other file types to screen.
In the Files To Exclude text box, type the file name extension of a file type to exclude from screening, such as .doc, or the file name pattern, such as Report*.*. Tap or click Add. Repeat this step to specify other file types to exclude from screening.
Tap or click OK to save the changes.
You can specify additional file groups to screen by following these steps:
Open File Server Resource Manager. Expand the File Server Resource Manager and File Screening Management nodes and then select File Groups.
On the Action menu or in the Actions pane, tap or click Create File Group. This opens the Create File Group Properties dialog box.
In the File Group Name text box, type the name of the file group you’re creating.
In the Files To Include text box, type the file name extension to screen, such as .pdf, or the file name pattern, such as Archive*.*. Tap or click Add. Repeat this step to specify other file types to screen.
In the Files To Exclude text box, type the file name extension to exclude from screening, such as .doc, or the file name pattern, such as Report*.*. Tap or click Add. Repeat this step to specify other file types to exclude from screening.
Tap or click OK to create the file group.
You use file-screen templates to define screening properties, including the screening type, the file groups to which a screen is applied, and notification. In File Server Resource Manager, you can view the currently defined file-screen templates by expanding the File Server Resource Manager and File Screening Management nodes and then selecting File Screen Templates. Table 20-1, shown previously, provides a summary of the default file-screen templates.
You can modify existing file-screen templates by following these steps:
Open File Server Resource Manager. Expand the File Server Resource Manager and File Screening Management nodes and then select File Screen Templates.
Currently defined file-screen templates are listed by name, screening type, and file groups affected.
To modify file-screen template properties, double-tap or double-click the file-screen template name. This opens a Properties dialog box (shown in Figure 20-7).
On the Settings tab, you can set the template name, screen type, and file groups affected, using the controls provided.
On the E-Mail Message tab, you can configure the following notifications:
To notify an administrator when the file screen is triggered, select the Send E-Mail To The Following Administrators check box and then type the email address or addresses to use. Be sure to separate multiple email addresses with a semicolon. Use the [Admin Email] value to specify the default administrator as configured previously under the global options.
To notify users, select the Send E-Mail To The User Who Attempted To Save An Unauthorized File check box. In the Subject and Message Body text boxes, specify the contents of the user notification message. Table 20-4 lists available variables and their meanings.
On the Event Log tab, you can configure event logging. Select Send Warning To Event Log to enable logging and then specify the text of the log entry in the Log Entry field. Table 20-4 lists available variables and their meanings.
On the Report tab, select the Generate Reports check box to enable incident reporting and then select the check boxes for the types of reports you want to generate. Incident reports are stored under %SystemDrive%StorageReportsIncident by default and can be sent to designated administrators and to the user who attempted to save an unauthorized file. Use the [Admin Email] value to specify the default administrator as configured previously under the global options.
Tap or click OK when you have finished modifying the template.
You can create a new file-screen template by following these steps:
Open File Server Resource Manager. Expand the File Screening Management node and then select File Screen Templates.
On the Action menu or in the Actions pane, tap or click Create File Screen Template. This opens the Create File Screen Template dialog box.
Follow steps 3 to 7 of the previous procedure.
Table 20-4. File-screen variables
Variable Name | Description |
|---|---|
[Admin Email] | Inserts the email addresses of the administrators defined under the global options |
[File Screen Path] | Inserts the local file path where the user attempted to save the file, such as C:Data |
[File Screen Remote Path] | Inserts the remote file path where the user attempted to save the file, such as \servershare |
[File Screen System Path] | Inserts the canonical file path where the user attempted to save the file, such as \?VolumeGUID |
[Server Domain] | Inserts the domain of the server on which the notification occurred |
[Server] | Inserts the server on which the notification occurred |
[Source File Owner] | Inserts the user name of the owner of the unauthorized file |
[Source File Owner Email] | Inserts the email address of the owner of the unauthorized file |
[Source File Path] | Inserts the source path of the unauthorized file |
[Source File Remote Paths] | For shared folders, inserts the source path in Universal Naming Convention (UNC) format, such as \FileServer15Data |
Inserts the email address of the user who caused the notification | |
[Source Io Owner] | Inserts the name of the user who caused the notification |
[Source Process Id] | Inserts the process ID (PID) of the process that caused the notification |
[Source Process Image] | Inserts the executable for the process that caused the notification |
[Violated File Group] | Inserts the name of the file group in which the file type is defined as unauthorized |
You use file screens to designate file paths that are screened. In File Server Resource Manager, you can view current file screens by expanding the File Server Resource Manager and File Screening Management nodes and then selecting File Screens. Before you define file screens, you should specify file-screening groups and file-screen templates that you will use, as discussed in the Managing the file groups to which screens are applied and Managing file-screen templates sections earlier in the chapter.
After you define the necessary file groups and file-screen templates, you can create a file screen by following these steps:
Open File Server Resource Manager. Expand the File Server Resource Manager and File Screening Management nodes and then select File Screens.
Tap or click Create File Screen on the Action menu or in the Actions pane.
In the Create File Screen dialog box, set the local computer path to screen by tapping or clicking Browse. In the Browse For Folder dialog box, select the path to screen, such as C:Data.
In the Derive Properties selection list, choose the file-screen template that defines the screening properties you want to use.
Tap or click Create.
You use exception paths to designate folder locations where it’s permitted to save blocked file types. Based on the NTFS permissions on the excepted file path, you can use this feature to allow specific users to save blocked file types to designated locations or to allow all users to save blocked file types to designated locations.
You can create a file-screen exception by following these steps:
Open File Server Resource Manager. Expand the File Server Resource Manager and File Screening Management nodes and then select File Screens.
Tap or click Create File Screen Exception on the Action menu or in the Actions pane.
In the Create File Screen Exception dialog box, set the local path to exclude from screening by tapping or clicking Browse. Then, in the Browse For Folder dialog box, select the path to exclude from screening, such as C:DataImages.
Select the file groups to exclude from screening on the designated path.
Tap or click OK.
Incident reports are generated automatically when triggered, as defined in the Reports tab properties of a file-screen template. (For details, see “Understanding file screening and storage reporting” earlier in the chapter.) Scheduled and on-demand reports are configured separately. In File Server Resource Manager, you can view currently scheduled reports by expanding the File Server Resource Manager node and then selecting Storage Reports Management.
You can schedule reports on a per-volume or per-folder basis by following these steps:
Open File Server Resource Manager. Expand the File Server Resource Manager node and then select Storage Reports Management.
On the Action menu or in the Actions pane, tap or click Schedule A New Report Task. This opens the Storage Reports Task Properties dialog box, shown in Figure 20-8.
On the Settings tab, type a descriptive name for the report, such as Primary Share Storage Report.
Under Report Data, select the types of reports to generate. Some of the reports have configurable parameters. If a report has configurable parameters, you can customize the report by selecting the report under Report Data and then tapping or clicking Edit Parameters.
By default, only the first 1000 files are included in storage reports. To specify a different maximum file value, enter the desired number in the Maximum Number combo box.
Under Report Formats, select the format for the report, such as Dynamic HTML (DHTML).
On the Scope tab, specify the general kinds of data to include by selecting the appropriate check boxes for the following:
On the Scope tab, tap or click Add. In the Browse For Folder dialog box, select the volume or folder on which you want to generate scheduled storage reports. Repeat these actions to add other volumes or folders.
By default, Windows Server 2012 R2 stores scheduled storage reports as they’re generated in the %SystemDrive%StorageReportsScheduled folder. If you also want to deliver reports by email to administrators, tap or click the Delivery tab and then select the Send Reports To The Following Administrators check box. Enter the email address or addresses to which reports should be delivered, being sure to separate each email address with a semicolon.
On the Schedule tab, use the options provided to define the run schedule for reporting. For example, you can run the reports weekly on a Monday at 4:30:00 A.M. or monthly on the last day of the month at 3:00:00 A.M.
Tap or click OK to schedule the report task.
You can generate an on-demand report by following these steps:
Open File Server Resource Manager. Expand the File Server Resource Manager node and then select Storage Reports Management.
On the Action menu or in the Actions pane, tap or click Generate Reports Now. This opens the Storage Reports Task Properties dialog box.
On the Settings tab, under Report Data, select the types of reports to generate.
Under Report Formats, select the format for the report, such as DHTML.
On the Scope tab, specify the general kinds of data to include by selecting the appropriate check boxes for Application Files, Group Files, Backup And Archival Files, and User Files.
On the Scope tab, tap or click Add. In the Browse For Folder dialog box, select the volume or folder on which you want to generate the on-demand storage reports. Repeat to add other volumes or folders.
Windows Server 2012 R2 stores on-demand storage reports in the %SystemDrive%StorageReportsInteractive folder. If you also want to deliver reports by email to administrators, tap or click the Delivery tab and then select the Send Reports To The Following Administrators check box. Enter the email address or addresses to which reports should be delivered, being sure to separate each email address with a semicolon.
Tap or click OK. When prompted, specify whether to wait for the reports to be generated and then display them or to generate the reports in the background for later access. Tap or click OK.