Control Data Sprawl with File Classification in Windows Server 2008 R2

While many businesses work with SharePoint Server to store files for important projects, file servers still play a role in most corporate environments. File Classification helps system administrators better manage data stored on servers and prioritize critical data for retention and e-discovery purposes.

File servers often contain unwieldy folder hierarchies that evolve over time without any particular planning for how data might be best structured to ensure it can be managed effectively. Without knowing where critical business data is located, file management becomes an almost impossible task. Sysadmins must rely on users to store documents in the right places so that security can be set appropriately and stale data can be archived to reduce storage costs.

How Does File Classification Work?

The File Classification Infrastructure (FCI) is new in all editions of Windows Server 2008 R2. It allows files to be classified automatically based on location or content, manually from Microsoft Office 2010 and via an Application Programming Interface (API) using scripts or FCI-compatible applications. Classification Properties can be defined to add classification information to files. Any file stored on a New Technology Files System (NTFS) volume can be classified. Microsoft Office files store classification information within the document as well as in the NTFS Alternate Data Stream, so if a file is moved to a non-NTFS volume, it will retain its file classification properties.

Once classified, files retain the original folder hierarchy even after they expire and are moved to an assigned directory. Other management tasks can be automated using custom commands, based on classification information or additional criteria. File owners can also be notified of tasks pending on their files by e-mail. The reporting feature allows sysadmins to generate reports in a variety of formats that provide an overview of where files are located on a server based on classification information.

Classification Properties

Classification Properties define the form in which classification information can be added to files when a Classification Rule is applied. Classification Properties don’t contain any information about the final classification of files. FCI supports seven different property types:

FCI Configuration Basics

Let’s start by installing the File Server Resource Manager (FSRM) on your file server and defining three Classification Properties that can be used to assign classification information to files:

1. Log in to Windows Server 2008 R2 as a domain or local administrator.
2. Start the PowerShell console from the Task Bar, type Import-Module servermanager and press Enter.
3. Type Add-WindowsFeature FS-Resource-Manager and press Enter. Once FSRM installation is complete, close the PowerShell console.
4. Open the File Server Resource Manager console from Administrative Tools on the Start menu.
5. In the left pane, expand Classification Management, right click Classification Properties and select Create Property from the menu.
6. Type Personal_Info into the Property name field, leave the default Property type set to Yes/No and click OK.
7. Create a second Property called Business_Impact, this time selecting Ordered List as the Property type.
8. Double click the empty table cell under Value and type High. Optionally you can add a description in the same way. Repeat this process, adding Medium and Low as shown in Figure 1 and click OK.
   
   
9. Finally, create a third Property called Project_Name, select String as the Property type and click OK.

Now that you’ve defined some Classification Properties, you need to create one or more Classification Rules to classify files based on their location or content. Create three rules to identify files that contain the word Contoso and classify each file with a Project_Name of Contoso, Business_Impact as High and Personal_Info as No.

1. Right click Classification Rules in the left pane of FSRM, and select Create a New Rule from the menu.
2. In the Classification Rule Definitions dialog, give the new rule a name, and then click Add under Scope. On this file server, all user-created content is stored in a folder hierarchy under c:\user files. Choose a path as appropriate in the Browse For Folder dialog, and click OK.
3. Switch to the Classification tab. Set the Classification mechanism to Content Classifier, Property name to Project_Name and Property value to Contoso (Figure 2).
   
   
4. Click Advanced. In the Additional Rule Parameters dialog, switch to the Additional Classification Parameters tab. Type String into the Name cell, set Value to Contoso and click OK (Figure 3).
   
   
5. Click OK in the Classification Rule Definitions dialog to complete the rule configuration.

FCI uses Windows Search to identify content in files. Classification Parameters can be set to String, StringCaseSensitive or RegularExpression (more information on using .NET Regular Expressions for matching text can be found here). You must set up multiple rules if you need to search for multiple strings or expressions. The Content Classifier combines multiple rules so that files are searched only once. Repeat steps 1 through 5 to create two more rules to set Business_Impact as High and Personal_Info as No, and don’t forget to click Advanced each time to set Additional Classification Parameters.

The process of automatically classifying files can be run on demand or according to a schedule.

1. To set a schedule, right click Classification Rules in the left pane of FSRM and select Configure Classification Schedule from the menu.
2. Click Create on the Automatic Classification tab of FSRM’s Options dialog.
3. In the new Schedule dialog, click New on the Schedule tab.
4. Modify the schedule as required and click OK.
5. Click OK in FSRM’s Options dialog (Figure 4).
   
   

To test the new Classification Rules, make sure there is at least one file in c:\user files, or equivalent directory, that contains the word Contoso.

1. Right click Classification Rules in the left pane of FSRM again and select Run Classification With All Rules Now from the menu.
2. In the Run Classification dialog, select Wait for classification to complete execution and click OK.
3. Once completed, Internet Explorer will open showing an Automatic Classification report (Figure 5).

Archiving Stale Data

The Contoso project was completed two years ago and all related files can be archived. Now let’s set up a management task to move all files classified as Project_Name=Contoso to a directory called Expired.

1. Right click File Management Tasks in FSRM and select Create File Management Task from the menu.
2. Enter a Task Name, and click Add under Scope to specify the c:\user files directory.
3. On the Action tab, set Type to File Expiration from the menu, and set the Expiration directory, in this case c:\expired.
4. Now you need to restrict expiration to files that are classified as Project_Name=Contoso. Switch to the Condition tab and click Add. In the Property Condition dialog, select Project_Name from the Property menu. Set the Operator to Equal, Value to Contoso and click OK (Figure 6).
   
   
5. Switch to the Schedule tab and click Create.
6. In the new Schedule dialog, click New on the Schedule tab.
7. Modify the schedule as required and click OK.
8. Click OK in the Create File Management Task dialog.
9. Right click the new task in the central pane of FSRM and Run File Management Task Now from the menu.
10. In the Run Classification dialog, select Wait for classification to complete execution and click OK.
11. Once completed, Internet Explorer will open showing a File Management Task Report.

You should see that any files containing the word Contoso have been moved to the c:\expired folder.