Managing Offline Files
Whether you use folder redirection or home directories, laptop users get upset when they cannot access their files. The answer to their dilemma is offline files. With this feature, a user can mirror his server-based files to his local laptop. When the user connects back to the network again, changes made to the offline files are synchronized with the copies on the server and civilization is saved.
Additional Uses for Offline Files
The names used by Microsoft for offline files varies depending on the perspective. At the server, the technology is called client-side caching. At the client, the technology is called offline files. But whatever you call it, the feature has applications in addition to helping laptop users. For example:
Local access to large files.
It can be difficult to work on huge files stored on a server. Graphic designers and CAD operators typically copy big files to their local hard drives to work on them during the day then copy them back in the evenings. Sometimes they forget, though, and you can help to automate the synchronization process by using offline files.
File availability during network outages.
Sporadic outages are darned near unavoidable, but users get cynical during prolonged periods of instability. They start keeping their files on their local drives. If your end users show reluctance to save their files on servers, offline files can be a way to lure them back onto the network again.
Users often want to run network-based applications while they're on the road. Instead of installing the applications on the laptops, you can use offline files to store cached copies of the executables.
Inappropriate Uses of Offline Files
Offline files are not the solution to every mobile user's problems. Here are instances where offline files are not a good solution:
Files accessed by multiple users.
Imagine files accessed by several different users who make modifications at their laptops while they are offline and then sync up. The last user to sync will overwrite all the other's changes. They won't be happy. You won't be happy.
You definitely do not want to cache database files. The synchronization process may get the changed data file but miss a transaction log or a change to a support file.
Client/server application files.
Don't use offline files to save a local copy of client/server configuration files if the application makes its own caching provisions.
If you run Microsoft Outlook in Corporate Workgroup mode, users can store offline folders and archives in a local PST (Personal Store) file. Outlook handles the synchronization between the Exchange information store and the local PST. Don't layer this synchronization with offline file synchronization. This will cause data corruption.
The system automatically filters for file types that meet the criteria listed above. This includes files with the following extensions:
.mdb, .mdw, .mde, and .ldb (Access)
.slm (Visual Sourcesafe)
If you have files with these extensions in a folder, the system will refuse to configure the folder for offline files. If a folder has been configured for offline files, the system will refuse to put a file with one of these extensions in the folder.
The extensions are hard-coded into the client-side caching service. You can override them with a group policy called Files Not Cached. This policy is in Computer Configuration | Administrative Templates | Network | Offline Files.
Use caution when enabling the Files Not Cached policy. It completely overrides the default extensions. If you have an extension that you want to add to the list, be sure to include all the rest from the preceding list.
Offline Files and Remote Desktop
Offline files are disabled on machines that have Remote Desktop enabled. This includes all servers running Windows Server 2003 because Remote Desktop is enabled by default. If you are running Windows Server 2003 on a laptop for testing, or you have some other reason for enabling offline folders on a server, you can disable remote desktop on the server as shown in Procedure 19.3.
Procedure 19.3 Disabling Remote Desktop
Right-click My Computer and select PROPERTIES from the flyout menu. This opens the Properties window.
Select the Remote tab.
Uncheck the Allow Users To Connect Remotely To This Computer option.
Click OK to save the change. This will not disconnect any current remote desktop users. You may need to log them off the server or restart before you get the offline file option.
You can enable Remote Desktop at any time by reselecting the Allow Users To Connect Remotely To This Computer option. If you have enabled offline files in the meantime, you must first disable it before enabling Remote Desktop connections.
The same restriction to offline files applies to standalone XP desktops with Fast User Switching enabled. This should not be a problem in a corporate environment because Fast User Switching is disabled when you join a desktop to a domain. If you have users at standalone XP desktops that connect to shared folders on servers running Windows Server 2003 or Windows 2000 and the users want to enable offline files, you must disable Fast User Switching. Select the User Accounts option in the new Control Panel interface and select Change The Way Users Log On Or Off. Uncheck the Fast User Switching option and save the change.
Configuring Client-Side Caching at the Server
Client-side caching is controlled at the server using parameters associated with the share point. In the Sharing tab of a shared folder, click Caching. This opens a Caching Settings window. Figure 19.5 shows an example.
Figure 19.5. Caching Settings window for a shared folder showing the default caching option.
There are three cache configuration options. They are differentiated by how the client selects items to be cached and how the server handles file changes.
Manual Caching of Documents
This is the default caching option. In this option, the user must decide which files to save offline. This is called pinning. The name of this option is a little deceiving because a user can pin executables as well as data files.
A file or folder is pinned using the Make Available Offline option in the PROPERTIES menu of the file or folder. A pinned file or folder displays an icon with a blue, double-headed arrow.
When a user opens a pinned file, the system checks the server copy to see if any changes have occurred. If not, the local copy is opened. If changes have been made at the server, the server copy is downloaded into the local cache then the local copy is opened.
As long as the client keeps the local copy open, the server copy is kept locked. This prevents someone from modifying the server copy from another source. Unfortunately, it is up to the application to use locks and to look for locks. For example, Microsoft Word is a good neighbor and refuses to open a locked file. Notepad, on the other hand, ignores locks and opens any file you point it at.
Automatic Caching of Documents
With this option, the user is not required to pin a file to cache it. Local copies are cached whenever the user opens a file in the shared folder.
If a file has been automatically cached, the icon does not display any special insignia. If a user expects to see certain files when offline, the user should manually pin the files to make sure they will be available.
As with manually pinned files, when a user opens an automatically cached file, the server copy is checked first to see if it is different than the local copy. The locally cached copy is used for reading and any changes are made to both the local copy and the server copy. The server copy is kept locked.
When a user creates a new file in a share configured for automatic caching, the file is also cached locally. If a file is created at the server by someone else, it will appear in the file list in Explorer but it will only be cached if the user opens the file. Train your users with the following mantra, "To see the file later, open it now."
Automatic Caching of Programs and Documents
This option differs from the other automatic caching option only in the way it handles file locks. Data files are locked but executables are not. This is supposed to reduce network traffic, although eliminating a few Server Message Block (SMB) packets doesn't seem like much of a savings. For the most part, avoid this configuration and stick with Use Automatic Caching of Documents. Use this option only if you have a legacy application that does not behave well when multiple users access it.
There is a fourth option, of course. You can just say no to offline files and disable caching at the server. This must be done for each share point where you do not want to permit caching. For instance, if you have a share point that holds gigs and gigs of executables and you don't like the idea of users pinning all those files to their local cache, disable caching at the share.
You can also disable offline files at the clients. By default, offline files are enabled for XP desktops and disabled for servers running Windows Server 2003. The toggle is exposed in the TOOLS | FOLDER OPTIONS menu of any folder. Figure 19.6 shows an example. You can also configure the setting from Appearance and Themes | Folder Options in the new Control Panel interface.
Figure 19.6. Folder Options showing the Offline Files tab.
When you select the Enable Offline Files option, the client becomes aware of any shares that have been configured for automatic caching, so be sure you have sufficient disk space. By default, the offline file cache can take up to 10 percent of the drive. Users are not warned if the cache gets full. Older files are pushed out of the cache when the cache size reaches its limit.
The default location of the offline file cache is a hidden folder called \Windows\CSC. If you prefer not to have this folder on the C drive, you can move it to another location using the Cachemov utility that comes in the Resource Kit. This is a GUI application that presents a pick list of the fixed disks on your system and their free space. You cannot move the cache to a removable media disk.
The Registry entries that control client-side caching are as follows:
Key: HKLM | Software | Microsoft | Windows | CurrentVersion |
Values: DefCacheSize (REG_DWORD) - Contains cache size in hex
Enabled (Dword) - flag is 1 for enabled, 0 for disabled
EncryptCache (Dword) - flag is 1 to encrypt entire cache, 0 to
Keeping offline files at a client in sync with the files on a server, and doing so in a way that doesn't confuse a user, is a trick that took Microsoft years to master. After a series of almost-but-not-quite solutions, the job of keeping files in sync falls on the Synchronization Manager, or Mobsync.exe.
In addition to managing offline files, Synchronization Manager also handles offline web pages in Internet Explorer 5.0 and later. (You get a copy of Mobsync.exe when you install IE on a Win9x or NT machine.)
You'll find the Registry settings for Synchronization Manager in the following:
Key: HKLM | Software | Microsoft | Windows | CurrentVersion |
There are very few user-serviceable parameters. All known parameters have a setting in the User Interface (UI).
Synchronization Manager Options
Synchronization Manager does not run continuously. It performs its duties only when told to do so. By default, this is when the user logs on and off. You can configure it to synchronize at other times using one of three interfaces:
We've already seen the Folder Options settings. Figure 19.7 shows the Synchronization Manager interface. Open this via START | PROGRAMS | ACCESSORIES | SYNCHRONIZE.
Figure 19.7. Synchronization Manager interface.
Click Setup to open the Synchronization Settings window shown in Figure 19.8.
Figure 19.8. Synchronization Settings options.
The When I Am Using This Network Connection option will only list one LAN interface, even if you have multiple network cards in the machine. The remaining entries in the pick list, if any, represent dial-up connections. You can use these settings to configure special synchronization settings for slow connections. Ordinarily, no synchronization occurs for lines that run slower than 500Kbps.
Offline files stored at the client are cataloged in a CSC (Client-Side Caching) database. This database can become corrupted. Symptoms include inability to open files, files that appear only when offline, and Event log entries warning of corruption.
If these or other symptoms occur, you can try deleting files out of the client-side cache using the Folder Options | Offline Folders window then resynchronizing.
If this fails, initiate a full resync in the Folder Options | Offline Folders window by pressing the Ctrl+Shift keys then clicking Delete. This will cause a complete loss of any locally cached files, so make sure the server copies are up-to-date or make copies of the cached files. The computer must be restarted to complete this evolution.
If the server copy of a file changes while a user is offline, Synchronization Manager must figure out what to do when the user reconnects. There are three potential scenarios:
Client copy did not change.
In this case, the server copy overwrites the local copy with no notice given to the user.
Server copy was deleted.
In this case, the local copy at the client is retained but only displayed when the user is offline. This "phantom" copy can be disconcerting to users. If the file is no longer needed, you can walk the user through deleting the file while offline. If the file is needed, make a copy of it into another location while offline and delete the original. Then, resync online and copy the file back into the folder.
Client copy also changed file changed.
In this scenario, the user is given a Resolve File Conflicts window to help Synchronization Manager decide what to do. Figure 19.9 shows an example.
Figure 19.9. Resolve File Conflicts window.
The user resolves the conflict by selecting which copy to retain or by choosing to retain both copies by renaming the local copy. The user can view the files before making the decision. A savvy user can generally resolve a file conflict correctly. Less sophisticated users might be thrown off by the file location, which uses a UNC path. Don't be surprised if you get Help Desk calls with lots of forward-slash/back-slash conversations.
Offline Files and File Encryption
The files stored on a laptop often have more value than the laptop itself. Protecting those files with NTFS permissions won't stop a criminal. If the person who steals your laptop doesn't know how to hack the admin password, you can bet the fence knows how, or at least knows someone who knows how. The best protection is file encryption.
In Windows 2000, users were not able to encrypt the files in the offline file cache. This exposed server-based information to prying eyes. It was a critical deficiency and prevented many organizations from implementing offline folders.
In Windows Server 2003/XP, users can encrypt the contents of the offline cache. The local encryption status is completely independent of the encryption status at the server. This makes offline files a secure medium for transporting files on laptops.
To enable offline file encryption, select the Offline Files tab in the Folder Properties window and select Encrypt Offline Files to Secure Data. Make sure the laptop is a member of a domain and that you are logged on to the domain and not the local SAM. This ensures that the domain Administrator account is the Data Recovery Agent. See Chapter 17, "Managing File Encryption," for details.
Offline Files and Group Policies
Rather than configure the offline file settings at each client, you can use group policies. The policy settings are located under Computer Configuration | Administrative Templates | Network | Offline Files. In broad terms, these policies control the following:
Enabling/disabling offline folders at clients and client-side caching at servers
Setting synchronization events (logon/logoff/suspend)
Disabling offline folder configuration items in Folder Options and Control Panel
Disabling the user's ability to pin offline files
Controlling the reminder balloons popped up by Synchronization Manager
Encrypting offline files
Set a different slow link speed (the default is 500Kbps)
Set the default offline cache size (in percentage of disk space)
Select file extensions that are not permitted to be stored in offline files
When setting group policies for offline files, keep in mind that your target audience uses laptops, which may not be online when you set the policy. Users who dial in from home receive Administrative Template policies and will see your policy changes but any new synchronization actions you prescribe will not take effect until the user connects to the network.
You may want to create a group called Laptop Users and target the group policy at that group. This avoids potentially creating offline file policies that affect desktop users.
Offline Files Operational Checklist
Here are a few key points to remember when working with offline files:
All server-based shares are configured for Manual Caching of Documents by default. This requires the users to pin any files they want to keep offline.
If you want to use automatic caching, select the Automatic Caching for Documents option rather than Automatic Caching for Documents and Programs to assure proper file locking.
Files in a share point configured for automatic caching are not cached locally until they are opened. Train your users accordingly.
When working with cached data files on the network, the local copy is always used for read access. Writes go to both copies at the same time.
If a server file is modified and the user modifies the same file offline, a Resolve File Conflicts window walks the user through the corrective actions.