Part one of this series introduced you to the Disk Management interface in Windows 2000 and explained how to create and delete partitions and volumes, convert a disk from basic to dynamic, change drive letters and mount points, and perform some other basic functions. In this Daily Drill Down, I’ll discuss NTFS 5—the latest version of the NT File System—and its file management advantages and I’ll provide some tips for troubleshooting and fixing disk problems.

Working with NTFS
When you format a disk in Windows 2000, you have a choice of three file systems: FAT, FAT32, and NT File System (NTFS). To make the best choice, you should understand the background and purpose of each.

FAT is the original 16-bit file system from MS-DOS and early versions of Windows. FAT32 is the improved version of FAT provided with later releases of Windows 95, Windows 98, Windows Millennium Edition, and Windows 2000. NTFS is Windows 2000’s own native file system. It offers many advantages over FAT and FAT32 under Windows 2000, so you should use it as long as compatibility with other operating systems on the same PC is not an issue. Some people dual-boot between Windows 2000 and Windows 95 or 98, for example, and they want the files on every partition to be accessible no matter which operating system is being used. For that to happen, they must use FAT or FAT32 on all partitions. For more information on dual-booting, see the TechProGuild Daily Drill Down “The essential Win2K multiboot troubleshooter: Planning partitions and file systems.”

NTFS 5 is the latest version of NTFS; the version that came with NT 4.0 was called (not surprisingly) NTFS 4. If you have worked with NTFS 4, NTFS 5 will seem very familiar, but you’ll be pleasantly surprised at some of the enhancements.

Advantages of NTFS over FAT and FAT32
NTFS in Windows 2000 offers the following advantages over FAT and FAT32:

  • NTFS permissions: You can set security at the file and folder levels through NTFS, in addition to the network sharing you configure in Windows 2000 itself. This means that you can grant or deny various permissions to individual files to users or groups of users.
  • Data compression: On an NTFS-formatted volume or partition, you can enable data compression so that more files can be stored in the same capacity drive. Unlike whole-disk compression methods such as DriveSpace (found in earlier versions of Windows and MS-DOS), NTFS compression can be set for individual folders and files.
  • Disk quotas: To prevent individual users from taking up too much space on a shared volume, you can set disk quotas in NTFS that prevent a user from using more than a specified amount of disk space.
  • Encryption: NTFS provides file encryption (Encrypting File System, or EFS) that prevents snoops from reading the contents of encrypted files. Like compression, encryption can be set on a folder-by-folder or even file-by-file basis.

Converting a FAT or FAT32 drive to NTFS
It’s easy to convert a FAT or FAT32 drive to NTFS without reformatting or losing any data. Windows 2000 provides a command-line utility called Convert for this purpose. Open a command prompt (from within Windows is fine) and type the following, where x: is the letter of the drive to convert:
Convert x: /fs:ntfs /v

The /fs switch stands for file system, and the /v switch stands for Verbose (which means you get all available messages on-screen describing the progress).

Using NTFS permissions
NTFS enables you to control who has access to a particular file or folder and what type of access each user or group will have. This is a huge topic that can’t be covered neatly in a few paragraphs, but briefly, here’s how it works. You right-click any file or folder stored on an NTFS volume or partition, choose Properties, and then click the Security tab. Choose Add to add users or groups to the list of names and then select the Permissions check boxes to specify which rights the selected user or group should have, as shown in Figure A.

Figure A
NTFS permissions, controlled on the Security tab, specify who can access a file or folder and how it can be accessed.

For each right, you can choose Allow or Deny. Allow rights are cumulative, so if you give someone Read access to a folder and Full Control to a particular file in that folder, the user will have Full Control for the file. Deny rights, however, work on a most-restrictive basis. For example, if a user has Full Control of a certain file in a folder but the folder itself is set with the Read permission denied, the user will not be able to access the file.

There are also special NTFS permissions, such as Take Ownership and Change Permissions, that offer even more control than the default six permission types on the Security tab shown in Figure A. To access them, click the Advanced button on the Security tab, select the user or group, and click View/Edit to display and configure the additional permissions, as shown in Figure B.

Figure B
Access additional NTFS permissions through the Security tab’s Advanced button.

When you copy a file or folder, its permissions stay with it. When you move within the same volume, the permissions stay, but when you move to a different volume, the file or folder inherits the permissions of the new location. When moving or copying to a non-NTFS partition, all files and folders lose all NTFS permissions.

Using NTFS compression
NTFS enables you to compress files and folders so that they take up less space on the volume. You can set compression on a folder-by-folder basis, such that any files stored in a compressed folder are automatically compressed, or you can set it for entire volumes or individual files. The compression is transparent; you can save and open the files normally in any Windows or MS-DOS application with no special action required.

To set the compression state, right-click the folder or file and choose Properties. Click the Advanced button, and in the Advanced Attributes dialog box, select or deselect the Compress Contents To Save Disk Space check box, as shown in Figure C.

Figure C
Compression is an on/off attribute for each file or folder.

When you change the compression state of a folder, you can choose whether all the files and subfolders within it will share its compression state. An extra dialog box appears when you compress or uncompress a folder, shown in Figure D, that lets you specify whether the change applies only to the folder or also to all its contents.

Figure D
Specify whether a folder’s contents will inherit its compression state or not.


There are a few minor “gotchas” with NTFS compression. For one thing, compression and encryption (EFS) are mutually exclusive. You can use one or the other, but not both, on a particular folder or file. In addition, compressing a file or folder requires Write permission to it, and you can’t compress files or folders on an NTFS volume that is formatted with cluster sizes larger than 4 KB.

What happens to a file or folder’s compression state when you move or copy it? Here are a few basic rules:

  • When you copy a file or folder, it inherits the compression state of the target location.
  • When you move a file or folder to a different location on the same volume, it retains its original compression state.
  • When you move a file or folder to a different NTFS volume, it inherits the compression state of the target location.
  • When you move or copy to a FAT or FAT32 drive, all compression is removed because those file systems don’t support it.
  • When you move or copy to a floppy disk, all compression is removed.

NTFS compression has a tendency to slow down disk access slightly, so you shouldn’t use it unless you have a reason (e.g., your hard disk is getting full). In addition, you’ll have better performance if you compress only the folders and files that you don’t use frequently. Some file types compress more than others, so if you’re looking for maximum space savings, start by compressing data files such as word processing documents and graphics.


If you have compression set up for some files or folders on a volume, it can be difficult to remember exactly which folders and files have it and which don’t. One easy way to eliminate this problem is to display compressed files in a different color than normal files. (The color change affects only the text name of the file or folder, not its icon.) To set this up, start from Windows Explorer. Choose Tools | Folder Options, and on the View tab, choose Display Compressed Files And Folders With Alternate Color.

Using Disk Quotas
Disk Quotas is a rather specialized feature, useful in a multiuser environment. As any network administrator knows, there are always a few users who are space hogs, storing way too much on the file server and limiting the amount of space left over for others. But short of giving each user his or her own volume, there wasn’t much to be done about it before now. NTFS 5, however, offers the ability to set quotas for each user. A message alerts the user when the quota limit is approaching, and when the quota is reached, that user is unable to save any more files to the volume until deleting enough to make room.

You can enable disk quotas and warnings for everyone or just for individual problem users. First you turn on the Quotas feature at the volume level, like this:

  1. Display the properties for a volume, either through Disk Management or in My Computer.
  2. On the Quota tab, select Enable Quota Management. (See Figure E.)
  3. Select Deny Disk Space To Users Exceeding Quota Limit.
  4. If you want to set a default limit for any new users you might create in the future, choose Limit Disk Space To and enter the space limit.
  5. (Optional) Check either of the bottom two check boxes to set your logging preferences. (See Figure E.)

Figure E
Enable Disk Quotas, set size limits, and set logging options for a volume in the Quotas tab.

Next, set the quotas for specific users or groups, like this:

  1. While still on the Quotas tab of the Disk Properties dialog box, click the Quota Entries button.
  2. Double-click the user account to set a quota for, set that user’s quota, as shown in Figure F, and click OK.
  3. (Optional) To set quotas for other users or groups not listed already, choose Quota | New Quota Entry. Choose the user(s) or groups(s) you want, click Add, and then click OK. Then go back to step 2 and set a quota for the new entry.

Figure F
Set a quota for an individual user or a group.

Using the Encrypting File System
There are several ways to prevent others from accessing a file on a particular PC. One is to prevent network access by setting share permissions for the drive or folder on which the file resides. Another is to set NTFS file permissions. The third way, and the most secure, is to encrypt the file with NTFS 5’s Encrypting File System (EFS). Using EFS is the most restrictive, in that it is public key-based. The key cannot be shared; only the user who encrypted the file has the key to it. Encrypted files cannot be shared on a network and cannot use NTFS compression.

Unlike the file encryption built into an application (such as Word 2000), EFS is not based on individual document passwords. Therefore, there are no passwords to remember. Instead, an encryption key is associated with the user’s logon, so that when that user is logged on, the file is freely accessible. When anyone else logs on, however, the file is unreadable.

The best way to encrypt a file is to encrypt a folder and then put the files in it that you want to encrypt. That way, the files are encrypted by virtue of being in the folder, rather than by their own properties, so if you ever want to remove the encryption, you can do it for the entire folder at once rather than messing with individual files. All files in an encrypted folder are automatically encrypted themselves.

You can rename an encrypted file; NTFS will note the renaming and update all its security references to the file. If you move a file out of an encrypted folder, the encryption remains.

To encrypt a folder or file, right-click it and choose Properties. On the General tab, click Advanced and then choose the Encrypt Contents To Secure Data check box, as shown in Figure G. Remember, compression and encryption are mutually exclusive; when you turn encryption on, any compression is removed. To decrypt a folder or file, simply repeat the process and remove the check mark in the Encrypt Contents To Secure Data check box.

Figure G
Encrypt a folder on an NTFS volume through Properties, General tab, Advanced button.


If a user encrypts a file and then loses the key to it, a designated EFS recovery agent can decrypt the file. That person is usually the network administrator. The network’s EFS recovery agent has a master key—a public recovery key that works to decrypt any encrypted file. A network can have more than one EFS recovery agent, but each agent has a unique public recovery key.

Diagnosing disk errors
In Disk Management, each partition or volume should report a status of Healthy, as shown in Figure H. If you see any other status, there’s a problem. The first thing to try to solve the problem is the Reactivate Disk command; to use it, right-click a failed volume or partition and choose Reactivate Disk from the shortcut menu.

Figure H
All partitions and volumes should show a status of Healthy.

If only one partition or volume on the drive reports a condition other than Healthy, and that condition persists after you try reactivating it, you should delete that partition or volume and recreate it. First, copy any data from it that you want to keep and then right-click the partition or volume and choose Delete. Then recreate it as described in “Managing disks in Windows 2000, part 1.”

If all of the volumes or partitions on the drive report a status other than Healthy, the drive may be defective. If you can still access the volumes or partitions from Windows Explorer, copy any files you want to keep and then replace the drive.

The situation becomes a little more complicated in a mirrored volume or RAID-5 volume situation. See the following sections for specifics.

Replacing a failed disk in a mirrored volume
If one of your mirrored drives fails, you should replace it as soon as possible. You can tell a failed volume because its status appears as Offline, Missing, or Online (Errors). First, try right-clicking it and choosing Reactivate Disk. If the status still doesn’t appear as Healthy, remove the mirroring and replace the disk by following these steps:

  1. Remove the mirroring by right-clicking the healthy disk of the set and choosing Remove Mirror. Choose the failed disk, click Remove Mirror, and click OK.
  2. Replace the defective physical disk.
  3. Re-add the mirror by right-clicking the original remaining disk and choosing Add Mirror.

Replacing a failed RAID-5 volume disk
When a drive in a RAID-5 volume fails, your first indication will probably be a performance hit. If you start noticing poor read/write performance, check the volume’s status in Disk Management. If it does not report Healthy, or if one of the disks reports Offline, Missing, or Online (Errors), first try reactivating the disk (right-click and choose Reactivate Disk). If that doesn’t work, you will need to remove the failed drive and replace it and then rebuild the volume content. After replacing the physical drive, right-click the RAID-5 volume and choose Repair Volume. The Repair RAID-5 Volume dialog box opens. Select the new drive that is replacing the failed one in the set, click OK, and you’re back in business.

Checking a disk for errors
Besides the physical errors that can derail a disk, logical storage errors can also creep into the picture. These are discrepancies between the volume or partition’s file allocation table and the actual content on the disk. For example, when the file allocation table reports that two different files lay claim to the same cluster on the disk, a cross-linked file results. Such errors can be corrected with the Check Disk utility in Windows 2000. (This serves the same purpose as the Scandisk utility in earlier Windows versions.)

To run Check Disk for a drive, do the following:

  1. In Disk Management, or in My Computer, right-click the volume or partition and choose Properties.
  2. On the Tools tab, click Check Now. The Check Disk dialog box opens, as shown in Figure I.
  3. (Optional) To have errors corrected automatically, mark the Automatically Fix File System Errors check box.
  4. (Optional) To perform a surface scan of the disk as well as a logical check, mark the Scan For And Attempt Recovery Of Bad Sectors check box.
  5. Click Start.

Figure I
To find and fix storage errors on a volume or partition, use the Tools tab in a volume or partition’s Properties dialog box.

Using Disk Defragmenter
Over time, file storage on a disk becomes fragmented, with pieces of files scattered all over the disk. Picking up and assembling these pieces into whole files takes time, resulting in poor disk read performance. To correct that problem, you can run Disk Defragmenter.

Disk Defragmenter works the same in Windows 2000 as in earlier versions of Windows. You can run Disk Defragmenter from the Start menu (Start | Programs | Accessories | System Tools | Disk Defragmenter), or you can right-click a drive from Disk Management or My Computer, choose Properties, and then run it from the Tools tab of the Properties box, just as you did for Check Disk in the preceding section. Once you’re in the Disk Defragmenter program, shown in Figure J, choose the drive you want to defragment and click the Defragment button.

Figure J
Defragment a disk to improve its read/write performance times.

In this Daily Drill Down, you learned about NTFS 5 and the file-management features you can take advantage of when you format a partition or volume with NTFS, including compression, encryption, and quotas. You also learned how to fix some common disk errors using Disk Management, Check Disk, and Disk Defragmenter.