Figure 11-9: Removable drive policies in .NET

Printer QR-Code in .NET Figure 11-9: Removable drive policies

Figure 11-9: Removable drive policies
QR Code 2d Barcode Maker In VS .NET
Using Barcode creator for .NET framework Control to generate, create QR Code image in .NET framework applications.
www.OnBarcode.com
QR-Code Scanner In .NET
Using Barcode scanner for .NET framework Control to read, scan read, scan image in VS .NET applications.
www.OnBarcode.com
Figure 11-10: Password to access encrypted removable storage Choose How BitLocker-Protected Removable Drives Can Be Recovered This policy allows you to specify the methods that can be used to recover BitLocker-protected removable devices. You can configure removable drives to use the DRA specified in the Computer Configuration\Windows Settings\Security Settings\Public Key Policies\ BitLocker Drive Encryption node. You can also configure a recovery password and a recovery key. Using this policy, you can specify whether BitLocker recovery information is stored within AD DS.
Barcode Encoder In Visual Studio .NET
Using Barcode drawer for VS .NET Control to generate, create barcode image in VS .NET applications.
www.OnBarcode.com
Bar Code Reader In .NET Framework
Using Barcode reader for .NET Control to read, scan read, scan image in Visual Studio .NET applications.
www.OnBarcode.com
Once a removable device supports BitLocker To Go, it is possible to manage it either by rightclicking it within Windows Explorer or by clicking Manage BitLocker within the BitLocker Drive Encryption control panel. This opens the dialog box shown in Figure 11-11. This dialog box allows you to change the password assigned to the device, configure the device so that you can unlock it with a smart card, save the recovery key, remove the password from the device, or configure the computer to automatically unlock the device whenever it is connected.
Make Quick Response Code In Visual C#
Using Barcode creation for .NET Control to generate, create QR Code JIS X 0510 image in VS .NET applications.
www.OnBarcode.com
QR-Code Creation In Visual Studio .NET
Using Barcode generator for ASP.NET Control to generate, create QR Code image in ASP.NET applications.
www.OnBarcode.com
Figure 11-11: Change BitLocker To Go options BitLocker Recovery Encrypted volumes are locked when the encryption key is not available. When the operating system volume is locked, you can boot only to recovery mode. In recovery mode, you can enter the BitLocker password or you can attach the USB device that has the recovery key stored and restart the computer. Once you enter the recovery password or key, you can boot your computer normally. The following events trigger recovery mode: The boot environment changes. This could include one of the boot files being modified. TPM is disabled or cleared. An attempt is made to boot without the TPM, PIN, or USB key being provided. You attach a BitLocker-encrypted operating system volume to another computer. If you need to perform a task that would normally trigger recovery mode, such as modifying the boot files, it is possible to disable BitLocker temporarily. You should temporarily disable BitLocker when upgrading the computer's BIOS or making any modification to the startup environment, such as configuring Windows 7 to dual-boot with a virtual hard disk (VHD) installation of the operating system. Once you have finished the configuration changes, you can re-enable BitLocker. The changes that you made when BitLocker was disabled do not trigger recovery mode.
QR Code Creator In VB.NET
Using Barcode generation for Visual Studio .NET Control to generate, create Quick Response Code image in Visual Studio .NET applications.
www.OnBarcode.com
Drawing Linear In .NET
Using Barcode drawer for .NET Control to generate, create 1D Barcode image in .NET applications.
www.OnBarcode.com
Manage-bde.exe Manage-bde.exe is the BitLocker command-line utility. You must use Manage-bde.exe from an elevated command prompt. Manage-bde.exe allows you to unlock locked BitLocker volumes and allows you to modify BitLocker PINs, passwords, and keys. Table 11-1 lists common Manage-bde.exe parameters. You will use Manage-bde.exe in the practice exercise at the end of the lesson.
PDF-417 2d Barcode Creator In Visual Studio .NET
Using Barcode creation for .NET Control to generate, create PDF 417 image in .NET framework applications.
www.OnBarcode.com
Encoding Code 39 Extended In .NET
Using Barcode maker for .NET framework Control to generate, create Code-39 image in VS .NET applications.
www.OnBarcode.com
Table 11-1: Common Manage-bde.exe Parameters
Drawing Barcode In .NET Framework
Using Barcode maker for VS .NET Control to generate, create barcode image in .NET applications.
www.OnBarcode.com
Encode 2/5 Industrial In Visual Studio .NET
Using Barcode encoder for .NET Control to generate, create Code 2/5 image in Visual Studio .NET applications.
www.OnBarcode.com
PARAMETER -status -on -off -pause/-resume -lock -unlock -Setldentifier -changepin -changepassword -changekey
Bar Code Encoder In Java
Using Barcode generation for Android Control to generate, create barcode image in Android applications.
www.OnBarcode.com
Recognize ECC200 In Visual Basic .NET
Using Barcode recognizer for .NET Control to read, scan read, scan image in .NET applications.
www.OnBarcode.com
FUNCTION Displays BitLocker status Encrypts a volume and turns BitLocker on Decrypts a volume and turns BitLocker off Pauses or resumes encryption or decryption Prevents access to BitLocker-protected data Allows access to BitLocker-encrypted data Configures the identifier for a volume Modifies the PIN for a volume Modifies a volume's password Modifies a volume's startup key
Reading PDF417 In Visual Basic .NET
Using Barcode scanner for VS .NET Control to read, scan read, scan image in Visual Studio .NET applications.
www.OnBarcode.com
Make GS1 128 In Java
Using Barcode creation for Java Control to generate, create EAN128 image in Java applications.
www.OnBarcode.com
EXAM TIP
Bar Code Printer In Java
Using Barcode drawer for Java Control to generate, create bar code image in Java applications.
www.OnBarcode.com
UCC - 12 Recognizer In C#.NET
Using Barcode decoder for .NET framework Control to read, scan read, scan image in .NET framework applications.
www.OnBarcode.com
Remember which policy to configure to allow computers without TPM chips to use BitLocker.
EAN 13 Encoder In Java
Using Barcode printer for Java Control to generate, create EAN-13 Supplement 5 image in Java applications.
www.OnBarcode.com
UPC Symbol Printer In Java
Using Barcode creation for Java Control to generate, create UPC-A image in Java applications.
www.OnBarcode.com
Practice: Configuring BitLocker to Go In this practice, you configure Group Policies so that users are able to write data only to specially prepared removable storage devices that support BitLocker To Go. Implementing similar policies in a real-world environment ensures that data stored on a removable storage device is safe from third-party access if the owner of the removable storage device loses it in a public place.
EXERCISE 1: Configuring BitLocker To Go Policies In this exercise, you configure BitLocker To Go-related Group Policy settings. 1. 2. 3. 4. 5. 6. 7. Log on to computer Canberra using the Kim_Akers user account. Ensure that the USB storage device that you will encrypt using BitLocker To Go is attached to the computer. Use the Disk Management console to format the USB storage device with the FAT32 file system. Disconnect the USB storage device from the computer In the Search Programs And Files text box, type gpedit.msc. This opens the local Group Policy Editor. Navigate to the Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption node. Edit the Provide The Unique Identifiers For Your Organization policy. Enable the policy and set the BitLocker Identification Field and the Allowed BitLocker Identification Field to ContosoBitLocker, as shown in Figure 11-12, and then click OK.
Figure 11-12: Configure identifiers Open the Removable Data Drives node and then set the Deny Write Access To Removable Drives Not Protected By BitLocker policy to Enabled. Then select the Do Not Allow Write Access To Devices Configured In Another Organization check box. Click OK. 9. Enable the Allow Access To BitLocker-Protected Removable Data Drives From Earlier Versions Of Windows policy. 10. Set the Configure Use Of Passwords For Removable Data Drives policy to Enabled. Select the Require Password For Removable Data Drive check box, set the Configure Password Complexity For Removable Data Drives to Allow Password Complexity, as shown in Figure 11-13, and then click OK. 8.
Figure 11-13: Removable drive password complexity 11. Close the Local Group Policy Editor and then reboot the computer. EXERCISE 2: Testing the Application of BitLocker To Go Policies In this exercise, you encrypt a removable storage device and verify that it is possible to write data to the device only when the device has been configured with BitLocker. 1. After computer Canberra has rebooted at the end of Exercise 1, log on with the Kim_Akers user account. 2. After you have logged on, connect the USB storage device that you prepared in Exercise 1. Verify that the message displayed in Figure 11-14 appears.
Figure 11-14: Removable device warning 3. Click Don't Encrypt This Drive to dismiss this dialog box. Create a file on the desktop named Test.txt. Using Windows Explorer, attempt to copy this file to the USB storage device. This prompts a message informing you that the disk is write-protected.
In the Search Programs And Files text box, type Manage BitLocker. Click the Manage BitLocker item. 5. In the BitLocker Drive Encryption control panel, click the Turn On BitLocker item next to the removable USB drive, as shown in Figure 11-15. 6.
Figure 11-15: The BitLocker control panel 7. On the Choose How You Want To Unlock The Drive page, enter the password P@ssw0rd twice and then click Next. 8. On the How Do You Want To Store Your Recovery Key page, click Save The Recovery Key To A File and save the recovery key on the desktop. Click Next. 9. On the Are You Ready To Encrypt This Drive page, click Start Encrypting. Windows starts encrypting the drive. 10. When the removable drive has stopped encrypting, open an elevated command prompt and issue the command manage-bde-status e: (where e: is the volume identifier of the USB storage device). Verify that the Identification Field setting matches ContosoBitLocker, as shown in Figure 11-16.
Figure 11-16: Check BitLocker status 11. Use Windows Explorer to copy the file Test.txt from the desktop to the USB storage device, and verify that you are now able to write data to the device. 12. Disconnect and then reconnect the storage device. Verify that you need to enter a password to access the storage device.
Lesson Summary BitLocker offers full volume encryption and system protection for computers running the Enterprise and Ultimate editions of Windows 7. TPM chips are required for BitLocker boot integrity protection. TPM PINs can be backed up to AD DS. BitLocker can use five different modes: TPM-only, TPM with PIN, TPM with startup key, TPM with PIN and startup key, and startup key without TPM. The startup key without TPM mode can be enabled only by configuring Require Additional Authentication At Startup Group Policy. DRAs can be configured for the recovery of BitLocker-encrypted volumes. BitLocker To Go provides BitLocker encryption to removable storage devices. Computers running the Enterprise and Ultimate editions of Windows 7 can configure removable devices. Computers running other editions of Windows 7 cannot configure removable devices, but they can read and write data to BitLocker To Go-protected devices. BitLocker To Go-protected removable storage devices can be protected with passwords. BitLocker To Go storage devices can be accessed from computers running Windows Vista and Windows XP through a utility named BitLocker To Go Reader if Group Policy is configured to allow this. Lesson Review You can use the following questions to test your knowledge of the information in Lesson 1, "Managing BitLocker." The questions are also available on the companion DVD if you prefer to review them in electronic form. Note ANSWERS Answers to these questions and explanations of why each answer choice is correct or incorrect are located in the "Answers" section at the end of the book.
1. Which of the following policies must you configure when setting up a DRA to recover the operating system volume for BitLocker (Choose all that apply; each answer forms part of a complete solution.) A. B. C. D. E. Computer Configuration\Administrative Templates\Windows Components\Provide The Unique Identifiers For Your Organization Computer Configuration\Administrative Templates\Windows Components\Choose Default Folder For Recovery Password Computer Configuration\Administrative Templates\Windows Components\Choose How Users Can Recover BitLocker-Protected Drives Computer Configuration\Windows Settings\Security Settings\Public Key Policies\ BitLocker Drive Encryption Computer Configuration\Administrative Templates\Windows Components\ BitLocker Drive Encryption\Operating System Drives\Choose How BitLockerProtected Operating System Drives Can Be Recovered
2. You want to block users from writing data to removable drives if those drives are not BitLocker-protected. Users should not be able to write data to drives configured with BitLocker by organizations other than your own. Which of the following policies must you configure to accomplish this goal (Choose all that apply; each answer forms part of a complete solution.) A. B. C. D. Control Use Of BitLocker On Removable Drives Store BitLocker Recovery Information In Active Directory Domain Services Deny Write Access To Removable Drives Not Protected By BitLocker Provide The Unique Identifiers For Your Organization
3. Which of the following policies should you configure to allow a computer without a TPM chip that is running Windows 7 Enterprise to utilize BitLocker to protect its hard disk drive A. B. C. D. Require Additional Authentication At Startup Allow Enhanced PINs for Startup Configure TPM Platform Validation Profile Configure Minimum PIN Length For Startup
4. Which of the following BitLocker policies should you configure to ensure that BitLocker To Go Reader is available on all FAT-formatted removable devices protected with BitLocker A. B. Configure Use Of Passwords For Removable Data Drives Allow Access To BitLocker-Protected Removable Data Drives From Earlier Versions Of Windows C. Choose How BitLocker-Protected Removable Drives Can Be Recovered D. Control Use Of BitLocker On Removable Drives 5. Which of the following tools can you use to determine the identification string assigned to a BitLocker-protected volume A. Manage-bde.exe B. Cipher.exe C. Bcdedit.exe D. Sigverif.exe Answers 1. Correct Answers: A, D, and E A. Correct: A BitLocker-encrypted volume must be configured with a unique identifier to be used with a DRA. You must configure the Prove The Unique Identifiers For Your Organization policy to assign this identifier. B. Incorrect: The Choose Default Folder For Recovery Password policy allows the recovery password to be saved in a particular location. A recovery password is different for a DRA, which involves a special certificate that can be used to recover all BitLocker-encrypted volumes in an organization. C. Incorrect: The Choose How Users Can Recover BitLocker Protected Drivers policy specifies whether recovery occurs via a password or a USB flash drive and key. This is separate from a DRA, which involves a special certificate that can be used to recover all BitLocker-encrypted volumes in an organization. D. Correct: You need to specify the DRA to be used in the Computer
Configuration\Windows Settings\Security Settings\Public Key Policies\BitLocker Drive Encryption policy to configure BitLocker to support DRAs. E. Correct: You need to configure the Choose How BitLocker-Protected Operating System Drives Can Be Recovered policy and specify that a DRA can be used to recover protected operating system drives. 2. Correct Answers: C and D A. Incorrect: The Control Use Of BitLocker On Removable Drives policy allows BitLocker to be used on removable drives. You cannot use this policy to restrict usage of removable drives only to those configured with BitLocker. B. Incorrect: The Store BitLocker Recovery Information In Active Directory Domain Services policy, which applies to clients running Windows Vista rather than Windows 7, allows for BitLocker recovery keys to be stored within AD DS. You cannot use this policy to restrict usage of removable drives only to those configured with BitLocker. C. Correct: You need to configure the Deny Write Access To Removable Drives Not Protected By BitLocker policy. This policy allows you to deny write access to drives not protected by BitLocker and to specify which BitLocker identifiers are associated with your organization. D. Correct: The Provide The Unique Identifiers For Your Organization policy allows you to specify which BitLocker identifiers are associated with your organization. If the BitLocker identifier that is used with a removable device does not match one of the identifiers configured in this policy and the Deny Write Access To Removable Drives Not Protected By BitLocker policy is configured appropriately, users are unable to write data to these removable devices. 3. Correct Answer: A A. Correct: By configuring the Require Additional Authentication At Startup policy, it is possible to disable the BitLocker requirement that a computer have a compatible TPM chip. B. Incorrect: The Allow Enhanced PINs for Startup policy allows you to use an enhanced PIN with startup. Configuring this policy does not allow you to bypass the BitLocker requirement for a TPM chip. C. Incorrect: The Configure TPM Platform Validation Profile policy configures how the TPM chip secures the BitLocker encryption key. Configuring this policy does not allow you to bypass the BitLocker requirement for a TPM chip. D. Incorrect: The Configure Minimum PIN Length For Startup policy allows you to configure a minimum PIN length for the startup PIN. Configuring this policy does not allow you to bypass the BitLocker requirement for a TPM chip. 4. Correct Answer: B A. Incorrect: The Configure Use Of Passwords For Removable Data Drives policy allows you to configure password policies for removable data drives. You cannot use this policy to ensure that BitLocker To Go Reader is available on all FAT-formatted removable devices protected with BitLocker. B. Correct: The Allow Access To BitLocker-Protected Removable Data Drives From Earlier Versions Of Windows policy allows you to ensure that BitLocker To Go Reader is available on all FAT-formatted removable devices protected with BitLocker. C. Incorrect: The Choose How BitLocker-Protected Removable Drives Can Be
Recovered policy allows you to configure removable device recovery options. You cannot use this policy to ensure that BitLocker To Go Reader is available on all FATformatted removable devices protected with BitLocker. D. Incorrect: The Control Use Of BitLocker On Removable Drives policy determines whether you can use BitLocker with removable devices on the computer to which the policy applies. You cannot use this policy to ensure that BitLocker To Go Reader is available on all FAT-formatted removable devices protected with BitLocker. 5. Correct Answer: A A. Correct: You can use the Manage-bde.exe command-line utility to determine the identification string assigned to a BitLocker-protected volume. B. Incorrect: The Cipher.exe utility allows you to manage EFS rather than BitLocker encryption. You cannot use Cipher.exe to determine the identification string associated with a BitLocker-protected volume. C. Incorrect: The Bcdedit.exe utility allows you to manage boot configuration. You cannot use Bcdedit.exe to determine the identification string associated with a BitLocker-protected volume. D. Incorrect: The Sigverif.exe utility allows you to verify the digital signatures of files. You cannot use Sigverif.exe to determine the identification string associated with a BitLocker-protected volume. Lesson 2: Windows 7 Mobility Correctly configuring the power settings of computers, especially when there are many computers in use across an organization, can lead to substantial reductions in an organization's energy requirements. Refinements in the way that Windows 7 uses energy mean that an organization upgrading computer hardware from Windows XP to Windows 7 brings noticeable efficiencies in energy usage. This can provide two important benefits for an organization: reducing the organization's impact on the environment and reducing the amount of money spent on electricity. Offline Files is a feature relevant to portable computers that allows content that is stored on shared folders to be cached temporarily on mobile computers so that it can still be accessed and worked on when the mobile computer is no longer connected to the office environment. When the computer reconnects to the environment that hosts the shared folder, the offline content is synced, updating the content on servers and clients as necessary. After this lesson, you will be able to: Manage Offline Files. Manage Windows 7 power settings. Configure Windows 7 power policies. Estimated lesson time: 40 minutes
Offline Files The Offline Files feature of Windows 7 allows a client to locally cache files hosted in shared folders so that they are accessible when the computer is unable to connect directly to the network resource. The Offline Files feature is available to users of the Professional, Enterprise, and Ultimate editions of Windows 7. You can use the Offline Files feature to ensure access when a client computer is out of the office or when a temporary disruption, such as a wide area network (WAN) link failing between a branch office and a head office, blocks access to specially configured shared folders. When a user makes a file available for offline access, Windows 7 stores a copy of that file within a local cache. When the file server that hosts the file is no longer available, such as when a user disconnects from the network, the user can continue to work with the file stored within the local cache. When the file server that hosts the file becomes available, Windows 7 synchronizes the copy of the file in the cache with the copy of the file hosted on the shared folder. A user can make a file available offline by right-clicking the file and then clicking the Always Available Offline option, as shown in Figure 11-17. When the offline file cache becomes full, the files in the cache that are least used are dropped to make room for newer ones. Windows 7 does not remove manually cached files unless a user specifically deletes them.
Figure 11-17: Make a file available offline Files available offline are shown as Always Available in Windows Explorer. Figure 11-18 shows a file available offline named Brisbane. If a user modifies a file that she has made available offline, that file synchronizes with the shared folder when the user again connects to the network and the modified file replaces the one on the shared folder. If the file on the shared folder is changed and the file in the local cache remains unchanged, the synchronization process overwrites the file in the local cache. If both the file on the shared folder and the file in the local cache have been modified, it is necessary to use Sync Center to resolve the conflict. You will learn more about using Sync Center to resolve conflicts with Offline Files later in this lesson.
Figure 11-18: Brisbane file is Always Available The Offline Files feature in Windows 7 has the four following modes of operation: Online mode Changes made to files are applied to the file share and then to the local cache. Read requests are satisfied from the local cache. Synchronization occurs automatically and a user can initiate synchronization manually. This is the default mode of operation. Auto offline mode When a network error is detected, Windows 7 transitions to auto offline mode. File operations occur against the local cache. Windows 7 attempts to reconnect automatically every two minutes. If reconnection is successful, Offline Files automatically transitions to online mode. Manual offline mode The transition to offline mode is forced when user selects the Work Offline item in Windows Explorer. A computer must be returned to online mode manually by clicking Work Online in Windows Explorer. Slow-link mode This mode is enabled by default in Windows 7 and triggered when the link speed falls below the default value of 64,000 bits per second. This value can be configured through policy. In this mode, file operations are performed against the local cache. Users can synchronize manually, but automatic synchronization does not occur. Computer transitions to online mode when link speed exceeds configured value. Some functionalities, like the Previous Versions of Files feature that allows you to retrieve the previous version of a file from a shadow copy on the server, are not available in auto offline or offline mode. Offline File Policies You configure Offline Files through Offline Files policies, located in the Computer Configuration\Administrative Templates\Network\Offline Files node of a Group Policy Object. There are 28 policies, some of which are shown in Figure 11-19.
Figure 11-19: Offline Files policies Several important policies available in this node include: Administratively Assigned Offline Files Lists all network files and folders that are always available for offline use without requiring user interaction. Configure Background Sync This policy applies in slow-link mode and determines how often background synchronization occurs. Non-Default Server Disconnect Actions Determines whether the computer automatically goes into offline mode when computer detects that it is disconnected from offline file servers. Encrypt The Offline Files Cache Ensures that the offline files cache is encrypted. Configure Slow-Link Mode Enabled by default on Windows 7, allows the computer to use slow-link mode. Configure Slow Link Speed The bandwidth value in bits per second where a network is considered slow. Transparent Caching When you enable transparent caching, Windows 7 keeps a cached copy of all files that a user opens from shared folders on the local volume. The first time a user opens the file, the file is stored in the local cache. When the user opens the file again, Windows 7 checks the file to ensure that the cached copy is up to date and if it is, opens that instead. If the copy is not up to date, the client opens the copy hosted on the shared folder, also placing it in the local cache. Using a locally cached copy speeds up access to files stored on file servers on remote networks from the client. When a user changes a file, the client writes the changes to the copy of the file stored on the shared folder. When the shared folder is unavailable, the transparently cached copy is also unavailable. Transparent caching does not attempt to keep the local copy synced with the copy of the file on the remote file server as the Offline Files feature does. Transparent caching works on all files in a shared folder, not just those that you have configured to be available offline. Transparent caching is appropriate for WAN scenarios and has several similarities to the BranchCache feature that you learned about in 8. Some significant differences are that clients on the local area network do not share the cache and that file servers hosting the shared folders do not need to be running Windows Server 2008 R2 to support transparent
caching. It is also possible to use transparent caching on clients running Windows 7 Professional and on clients that are not members of an AD DS domain, something that is not possible with BranchCache. Windows 7 triggers transparent caching when the round-trip latency value exceeds the amount specified in the Enable Transparent Caching policy, shown in Figure 11-20. Note MORE INFO: TRANSPARENT CACHING To learn more about the transparent caching features of Windows 7, consult the following Microsoft TechNet Web page: http://technet.microsoft.com/enus/library/dd637828.aspx.
Figure 11-20: Enable Transparent Caching Offline File Exclusions Administrators can configure Offline File policies to exclude specific file types from being available offline. You can do this by configuring the Exclude Files From Being Cached Policy, as shown in Figure 11-21. File types are specified in the policy through their file name extension. For example, to block all Windows Bitmap files, use the extension designation *.bmp. When you configure this policy, users are unable to create files of this type in folders configured to be available offline.
Figure 11-21: Offline file exclusions Using Sync Center You can use Sync Center to synchronize files, manage offline files, and resolve synchronization conflicts manually. Sync Center is located within the Control Panel or by typing Sync Center into the Search Programs and Files text box on the Start menu. Clicking Manage Offline Files opens the Offline Files dialog box, shown in Figure 11-22. This dialog box is also available using the Offline Files control panel. Using this dialog box, you can disable offline files, view offline files, configure disk usage for offline files, configure encryption for offline files, and configure how often Windows 7 should check for slow network conditions.
Figure 11-22: The Offline Files dialog box A sync conflict occurs when changes occur to a file made available offline both on the file server and within the local cache. For example, Kim Akers makes a file named Brisbane. doc available offline. Kim takes her portable computer home and works on the file over the weekend. Sam Abolrous goes into the office on the weekend and works on the copy of Brisbane. doc stored on the file server. When Kim reconnects her portable computer to the network, Sync Center notifies her that there is a sync conflict. Kim can then use this tool to resolve the conflict between the file she modified at home and the file Sam modified on the file server. You can see a list of files where there has been a problem during synchronization if you click View Sync Conflicts in Sync Center, as shown in Figure 11-23.
Figure 11-23: View sync conflicts When you click Resolve within the View Sync Conflicts area, you can choose among three actions:
Keep the local version The version of the file that is stored on the local computer will be kept. This version overwrites the changed version of the file on the file share. Keep the server version The version of the file that is stored on the file share is kept, and the changes made to the local version are lost. Keep both versions The version on the local computer is renamed and then saved to the file share. The version of the file on the file share keeps the original name. Figure 11-24 shows these options as applied to the earlier example of Kim Akers and the modified offline file.
Figure 11-24: Resolve the conflict Configuring Shared Folders for Offline Files Users can make files available offline only if the shared folder that hosts these files supports offline files. You can configure a shared folder on a computer running Windows 7 to support offline files by performing the following steps: 1. 2. 3. Edit the properties of the folder that you want to configure to support offline files. On the Sharing tab, click Advanced Sharing. In the Advanced Sharing dialog box, click Caching. This brings up the Offline Settings dialog box, shown in Figure 11-25. Use this dialog box to choose between allowing only the files that a user specifies to be available offline, all files to be available offline, or no files to be available offline.
Figure 11-25: Configure offline settings Quick Check What are some of the differences between transparent caching and BranchCache when it comes to shared folders on remote networks Quick Check Answer Transparent caching does not require file servers running Windows Server 2008 R2. Transparent caching does not use a shared file cache. Windows 7 Professional supports transparent caching. Transparent caching can be used with computers that are not members of a domain.
Windows 7 Power Configuration Power plans are collections of settings that specify how a computer running Windows 7 uses energy. A new computer running Windows 7 comes with three power plans named High Performance, Balanced, and Power Saver. Many original equipment manufacturers (OEMs) also supply their own custom Windows 7 power plans that they may precisely optimize for a specific hardware configuration. In general, the High Performance power plan allows hardware to run at its maximum speed but uses more energy, and the Power Saver plan configures hardware devices in such a way that they use less energy with a corresponding reduction in performance. When a portable computer is running on battery power, it runs for a shorter amount of time before the battery drains completely when configured to use the High Performance power plan compared to when the same computer is set to use the Power Saver power plan. You can use the Power Options control panel, shown in Figure 11-26, to select a power plan for a client running Windows 7. The default power plan for a newly installed client running Windows 7 is Balanced.
Figure 11-26: Select a power plan Windows 7 allows you to configure basic and advanced settings for each plan. The settings that you can configure depend on your computer's hardware configuration. The Edit Plan Settings dialog box, shown in Figure 11-27, allows you to configure a plan's basic settings. Some computers do not support the Dim The Display or Adjust Plan Brightness settings. When you configure the basic settings of a plan, you configure different values for when the computer is plugged in or when the computer is running on internal battery power. On desktop computers that do not use an internal battery, it is possible to configure only the Plugged In settings.
Figure 11-27: Configure basic plan settings A user who has an account that is not a member of the local Administrators group is able to modify what the power and sleep buttons do. If they are able to elevate privileges, they can also specify whether a password is required when the computer wakes from the sleep state. You can configure these options by clicking Choose What The Power Buttons Do, which opens the Power Options System Settings dialog box, shown in Figure 11-28. The options that you can configure are Sleep, Hibernate, Shut Down, and Do Nothing.
Figure 11-28: Configure power buttons Windows 7 supports the following sleep, shutdown, and hibernation modes: Sleep When Windows 7 is in the Sleep state, the processor and the majority of system devices are in a turned-off state. The computer's RAM remains in a turned-on state so that it can maintain the user's open applications and documents. Devices that are configured to wake the computer from sleep, such as USB mice, keyboards, and network cards, remain in a turned-on state. If the computer is not woken after a configurable amount of time, the computer transitions to the Hibernate state. You can wake a computer from sleep by using the keyboard or mouse. Hybrid Sleep Hybrid Sleep is a power-saving feature that is used with desktop computers that do not have a battery-based power backup. If a desktop computer is in Sleep mode and suffers an interruption to its power supply, data loss may occur. The contents of the computer's RAM are stored both in the RAM in a low-power state and as a special file on the hard disk. When the Hybrid Sleep option is enabled, computers put to sleep use Hybrid Sleep rather than ordinary Sleep mode. Hibernate When Windows 7 is in the Hibernate state, all devices are turned off and the contents of the computer's RAM are stored in a special file on the operating system volume. All devices are in a turned-off state. You can turn on a computer that is hibernating only by using the power buttons. Shutdown In the Shutdown state, the contents of RAM are not preserved. All devices are in a turned-off state.
Copyright © OnBarcode.com . All rights reserved.