NTFS5's new features appeal to Win2K users

I've had a love-hate relationship with NTFS since the Windows NT 3.1 days. Back then, Microsoft hyped NTFS as the ultimate file system—ultrareliable, secure, and capable of supporting disks of almost unlimited size. In addition, NTFS was the first Microsoft file system to offer long filename support.

However, NTFS didn't live up to the hype, especially for desktop users. NTFS's reliability and security features benefitted mainly network servers, not desktops. Moreover, if you formatted your hard disk with NTFS and your system later developed a problem, few tools were available to find or fix the problem. When Windows 95 came out, long filename support became available in the DOS-compatible FAT16 file system. With FAT16, you could reboot your system from a DOS disk and use DOS tools to troubleshoot the hard disk.

Through the years, NTFS has gained a few additional features—notably compression—but for many NT desktop users, FAT16 is a simpler and faster way to go. However, in Windows 2000, Microsoft seems determined to make NTFS 5.0 (NTFS5) the default file system for server and desktop systems.

Win2K and NTFS5
Win2K's documentation makes clear Microsoft's determination to use NTFS5 as the default file system for Win2K, stating that Microsoft includes FAT16 in Win2K only to support upgrades from legacy OSs. Win2K includes support for the more sophisticated FAT32 file system that Win95 OEM Service Release (OSR) 2.0 and later uses, but if you install Win2K from scratch, you'll get NTFS partitions by default. If you upgrade a system that has FAT16 partitions, Win2K Setup will offer to convert them to NTFS.

NTFS5 is different from NTFS 4.0, so users who dual-boot between Win2K and NT 4.0 need to apply Service Pack 4 (SP4) or later; otherwise, NT 4.0 can't read the new disk format. NTFS5 includes revisions to fix bugs that appeared in earlier NTFS versions, and it offers two significant new features: encryption and disk quotas. (For more information about NTFS5, see Sean Daily, "NTSF5 vs. FAT32," April 2000.)

Converting to NTFS from FAT
Although you can automatically convert a volume to NTFS during Win2K Setup, manually converting to NTFS from a FAT16 or FAT32 partition requires you to use the Convert command-line function. Convert's syntax is

convert x: /fs:ntfs /v

where x is the drive or partition you want to convert from FAT to NTFS. The /v option specifies a verbose mode in which Win2K will present you with informative messages about each step of the conversion process.

If you attempt to run Convert on the partition on which you've installed the Win2K system files, Win2K displays the following message: Convert cannot gain exclusive access to the C: drive so it cannot convert it now. Would you like to schedule it to be converted the next time the system restarts \[Y/N\]? If you type Y, the system will automatically convert the drive's FAT files to NTFS after the next reboot. The conversion took less than 10 minutes on a Dell Latitude CPi notebook with a 300MHz Pentium II processor, 128MB of RAM, and a 2GB hard disk containing more than 17,000 files.

Compression
Win2K uses a lot of disk space—more than 1GB in most installations. Fortunately, large hard disks are inexpensive; but buying a new hard disk isn't always an option. If you're running out of disk space on an NTFS partition, you can compress files or folders that are on the partition. NTFS's compression scheme uses Lempel-Ziv encoding (the same scheme that .gif files on the Web use) and is particularly effective on text files, which it can usually shrink by about 90 percent.

To compress a file or folder on an NTFS partition, open My Computer, drill down to the file or folder you want to compress, and right-click the file or folder. Select Properties from the resulting menu, and click Advanced on the General tab in the Properties dialog box. In the Advanced Attributes dialog box, select the Compress contents to save disk space check box, then click OK. Click OK again to close the Properties dialog box. The system will ask you to confirm that you want to compress files and whether you want to do so for only the selected file or folder or for all subfolders and files. Alternatively, you can use the Compact command-line function. (For details about using the Compact command, you can enter compact /? from a Win2K command prompt.) You can also use Disk Manager to compress an entire partition.

Encryption
Encryption, a new feature in NTFS5, fills a major hole in the NTFS default security scheme, which doesn't encrypt data on the disk. A user with administrative permission can access any file on the system, and someone who can get physical access to the system and use a 3.5" disk to boot another OS can use a low-level sector-editing tool to look at data on any part of a disk. Encryption addresses this problem by applying the same 128-bit coding scheme to files that Win2K uses to protect passwords. The resulting files are thoroughly scrambled, and only the users who created the encrypted files can access them.

To encrypt a file or folder on an NTFS partition, open My Computer and right-click the file or folder you want to encrypt. On the resulting pop-up menu, select Properties and click Advanced on the General tab in the resulting Properties dialog box. In the Advanced Attributes dialog box, select the Encrypt contents to secure data check box, then click OK. Click OK again to dismiss the Properties dialog box. The system will ask you to confirm that you want to encrypt only the file you've selected or the file and its parent folder. You can also use the Cipher command-line function to encrypt folders and files. (For information about using this command-line function, you can enter cipher /? from a Win2K command prompt.)

If you run a dual-boot system with Win2K and NT 4.0, NT 4.0 won't be able to read encrypted files even if you've installed SP4 or later. Attempting to open an encrypted file in NT 4.0 produces an Access Denied error message. However, NT 4.0 lets you see the filenames and folder names.

Quotas
NTFS5 adds a new disk-space quota feature. This feature is mainly for administrators' use—it lets you limit disk-space use on a per-volume or per-user basis.

To set quotas for a volume, open My Computer, right-click the volume you want to set quotas for, and select Properties from the resulting pop-up menu. Click the Quota tab on the Properties dialog box (if you don't find a Quota tab, the volume isn't formatted with NTFS). Select the Enable quota management check box, which determines whether quotas apply to the volume. After you select this box, the system presents you with options to limit the total disk space that a volume occupies and to deny disk space to users who exceed the limit. You can also set a warning level that will generate an administrative event before the system starts denying disk space.

To set limits for specific users, go to My Computer, right-click the appropriate volume, and select Properties. On the Quota tab, click Quota Entries. This action brings up a dialog box in which you can create entries for specific users. By default, the dialog box will have an entry for the built-in administrator account, which has no specified limit. You can't change this default setting for the administrator (though you can specify a warning level), but you can set limits for other users.

Quotas are mainly for network administrators' use. However, if you run a Win2K Professional desktop at home and let other family members use the PC, you might want to consider setting up quotas for the kids. Quotas will prevent the children from filling up the hard disk with unauthorized downloads.

NT 4.0 doesn't support quotas, even when the OS uses NTFS5 and SP4 or later. However, this lack of support is benign; NT 4.0 simply ignores the quota settings.

NTFS Performance
Table 1 summarizes the results of BAPCo SYSmark 2000 benchmark tests I performed to determine NTFS5's effect on performance. I performed the tests on a Dell Latitude CPi with 128MB of RAM, running Win2K Pro. The results reflect the combination of applications in SYSmark 2000's Internet Content Creation and Office Productivity tests; higher results show better performance. Because I performed the tests on a notebook PC that has a slow hard disk, you might see better scores on a desktop system.

Compression and encryption are mutually exclusive options—you can choose one or the other, but not both. In my tests, I encrypted or compressed only the SYSmark 2000 files—encrypting or compressing the system files as well would have slowed performance even more. If you compress files because you're running out of space on a nearly full disk, you'll probably experience fragmentation, causing the system to run even more slowly. In no case should you ever compress Win2K's Virtual Memory pagefile.

The trend is clear—NTFS is still a bit slower than FAT16, but only by about 3 percent. Turning on compression makes NTFS a bit slower, and encryption makes it slower still—but only by about 10 percent. That performance hit is a minor one if you really need encrypted data.

I've never been a fan of NTFS, and for years, I've recommended that desktop users avoid it. However, working with NTFS5 now has forced me to rethink this position. FAT16 still gives you a slight performance advantage over NTFS5 (as well as Win98 compatibility for users who dual-boot regularly), but NTFS5's additional features provide advantages for many users.