1.1 Glossary

This document uses the following terms:

Active Directory: The Windows implementation of a general-purpose directory service, which uses LDAP as its primary access protocol. Active Directory stores information about a variety of objects in the network such as user accounts, computer accounts, groups, and all related credential information used by Kerberos [MS-KILE]. Active Directory is either deployed as Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS), which are both described in [MS-ADOD]: Active Directory Protocols Overview.

Active Directory Domain Services (AD DS): A directory service (DS) implemented by a domain controller (DC). The DS provides a data store for objects that is distributed across multiple DCs. The DCs interoperate as peers to ensure that a local change to an object replicates correctly across DCs. AD DS is a deployment of Active Directory [MS-ADTS].

Active Directory Lightweight Directory Services (AD LDS): A directory service (DS) implemented by a domain controller (DC). AD LDS is a deployment of Active Directory [MS-ADTS]. The most significant difference between AD LDS and Active Directory Domain Services (AD DS) is that AD LDS does not host domain naming contexts (domain NCs). A server can host multiple AD LDS DCs. Each DC is an independent AD LDS instance, with its own independent state. AD LDS can be run as an operating system DS or as a directory service provided by a standalone application (Active Directory Application Mode (ADAM)).

Active Directory possible value: A collection consisting of name, display name, and description.

Active Directory property definition: Global Property Definitions stored in Active Directory. See Directory Service Schema Elements for details.

application programming interface (API): A set of routines used by an application program to direct the performance of procedures used by the computer's operating system. Also called application program interface.

auto apply quota: An FSRM object associated with a file system directory that causes directory quotas to be automatically created on all subdirectories that currently exist or are created in the future. See section 3.2.1.2.2 for details.

classification module: A module definition that encapsulates a mechanism to classify files. It contains logic to determine what value a specific classification property on a file might be set to, based on information about the file and the contents of the file. See section 3.2.1.6.2 for details.

classification rule: An FSRM object that defines a rule, which invokes a classification module on the files in a set of directories to apply property definition instances to each of those files.

cluster: A group of computers that are able to dynamically assign resource tasks among nodes in a group.

collection object: A collection that contains zero or more objects all of the same type. Collection objects are generally returned from enumeration methods, but are also returned for some object elements that have zero or more entries. For more information, see section 3.2.1.11.

common name (CN): A string attribute of a certificate that is one component of a distinguished name (DN). In Microsoft Enterprise uses, a CN must be unique within the forest where it is defined and any forests that share trust with the defining forest. The website or email address of the certificate owner is often used as a common name. Client applications often refer to a certification authority (CA) by the CN of its signing certificate.

Component Object Model (COM): An object-oriented programming model that defines how objects interact within a single process or between processes. In COM, clients have access to an object through interfaces implemented on the object. For more information, see [MS-DCOM].

directory quota: An FSRM object that is associated with a file system directory and that limits the amount of data that the system or any user can store in a directory.

directory quota template: An FSRM object that captures all the properties of a directory quota but is not associated with a specific file system directory. Templates are identified by a name and are used to simplify configuration of directory quotas. See section 3.2.1.2.3 for details.

directory quota threshold: A target directory size value that is represented as a percentage of the directory quota limit. When the size of all data in the directory reaches the target, the FSRM server can raise one or more FSRM notifications.

distinguished name (DN): A name that uniquely identifies an object by using the relative distinguished name (RDN) for the object, and the names of container objects and domains that contain the object. The distinguished name (DN) identifies the object and its location in a tree.

Distributed Component Object Model (DCOM): The Microsoft Component Object Model (COM) specification that defines how components communicate over networks, as specified in [MS-DCOM].

domain naming context (domain NC): A partition of the directory that contains information about the domain and is replicated with other domain controllers (DCs) in the same domain.

drive path: See mounted folder.

endpoint: A network-specific address of a remote procedure call (RPC) server process for remote procedure calls. The actual name and type of the endpoint depends on the RPC protocol sequence that is being used. For example, for RPC over TCP (RPC Protocol Sequence ncacn_ip_tcp), an endpoint might be TCP port 1025. For RPC over Server Message Block (RPC Protocol Sequence ncacn_np), an endpoint might be the name of a named pipe. For more information, see [C706].

event log: A collection of records, each of which corresponds to an event.

FCI Alternate Data Stream: An alternate data stream in NTFS used by FSRM to store property definition instances for a file. See [MS-FCIADS] section 2 for details on storing classification properties.

file extension: The sequence of characters in a file's name between the end of the file's name and the last "." character. Vendors of applications choose such sequences for the applications to uniquely identify files that were created by those applications. This allows file management software to determine which application is to be used to open a file.

file group: An FSRM object that contains a logical collection of file name patterns, which are identified by name that is used to define file screens and file screen exceptions. File group definitions can also be used for generating report jobs that are based on the file type.

file management job: A scheduled task that applies a command to a set of files as determined by a list of conditions and a list of namespaces.

file name pattern: A string expression that defines a set of file names. The expression can contain the wild card characters "*" and "?", which are evaluated as follows: a "*" matches 0 or more characters and a "?" matches exactly 1 character. For example, the file name "example.cpp" matches the pattern "e*.cpp", but not "e?.cpp". The file name "ex.cpp" would match both patterns. Note that when the file name pattern is compared to a specific file name, the pattern match is case-insensitive, as specified in section 3.2.7.4.
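The matching rules in the file name pattern definition, written out as an added example (not part of the specification). The function names are hypothetical, and per-character lowercasing is an assumption standing in for the case-insensitive comparison of section 3.2.7.4. The pattern must cover the whole file name, which is why "e?.cpp" rejects "example.cpp".

```python
def _same_char(a: str, b: str) -> bool:
    # Assumption: case-insensitive comparison done one character at a time,
    # so "?" always consumes exactly one character of the file name.
    return a.lower() == b.lower()


def pattern_matches(pattern: str, file_name: str) -> bool:
    """Return True if file_name matches pattern ('*' = 0 or more, '?' = exactly 1)."""
    pi = si = 0
    star = -1    # index of the most recent '*' seen in the pattern
    resume = 0   # file_name index to retry from when that '*' must absorb more
    while si < len(file_name):
        if pi < len(pattern) and pattern[pi] == "*":
            star, resume = pi, si
            pi += 1
        elif pi < len(pattern) and (
            pattern[pi] == "?" or _same_char(pattern[pi], file_name[si])
        ):
            pi += 1
            si += 1
        elif star != -1:
            # Mismatch after a '*': let the '*' absorb one more character.
            resume += 1
            pi, si = star + 1, resume
        else:
            return False
    # Only trailing '*' characters may remain once the name is consumed.
    while pi < len(pattern) and pattern[pi] == "*":
        pi += 1
    return pi == len(pattern)


def matching_patterns(file_name: str, patterns: list[str]) -> list[str]:
    """Return the patterns of a (constructed) file group that match file_name."""
    return [p for p in patterns if pattern_matches(p, file_name)]


if __name__ == "__main__":
    audio_group = ["*.mp3", "*.wav"]  # constructed sample file group
    for name in ["example.cpp", "Report.MP3", "a.mp3.exe"]:
        print(name, matching_patterns(name, audio_group + ["e*.cpp", "e?.cpp"]))
```
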

file screen: An FSRM object that is associated with a file system directory that limits the types of files that the system or any user can store in a directory. When a restricted file is detected, the FSRM server can raise one or more FSRM notifications.

file screen exception: An FSRM object associated with a file system directory that specifically excludes types of files from file screen processing. See section 3.2.1.3.2 for details.

file screen template: An FSRM object that captures all the properties of a file screen but is not associated with a specific file system directory. Templates are identified by a name and are used to simplify configuration of file screens. See section 3.2.1.3.3 for details.

file security descriptor: A data structure containing the security information associated with a securable object. It identifies an object's owner by its security identifier (SID). See [MS-AZOD] section 1.1.1.3 for more information. The format of the structure is as specified in [MS-DTYP] section 2.4.6.

file system: A set of data structures for naming, organizing, and storing files in a volume. NTFS, FAT, and FAT32 are examples of file system types.

FSRM object: A general term referring to an object that can be manipulated by FSRM, where the object can be any kind specified in section 3.2.1. Examples of FSRM objects include directory quotas, file screens, and report jobs.

globally unique identifier (GUID): A term used interchangeably with universally unique identifier (UUID) in Microsoft protocol technical documents (TDs). Interchanging the usage of these terms does not imply or require a specific algorithm or mechanism to generate the value. Specifically, the use of this term does not imply or require that the algorithms described in [RFC4122] or [C706] must be used for generating the GUID. See also universally unique identifier (UUID).

interface: A group of related function prototypes in a specific order, analogous to a C++ virtual interface. Multiple objects, of different object classes, can implement the same interface. A derived interface can be created by adding methods after the end of an existing interface. In the Distributed Component Object Model (DCOM), all interfaces initially derive from IUnknown.

module definition: An FSRM object that implements a locally called API to participate in determining how files are classified or how the property definition instances are stored for each file. See section 3.2.1.6.2 for details.

NT file system (NTFS): A proprietary Microsoft file system. For more information, see [MSFT-NTFS].

path: When referring to a file path on a file system, a hierarchical sequence of folders. When referring to a connection to a storage device, a connection through which a machine can communicate with the storage device.

process identifier (PID): A nonzero integer used by some operating systems (for example, Windows and UNIX) to uniquely identify a process. For more information, see [PROCESS].

property condition: An FSRM object that defines a constraint for a file management job which encapsulates a reference to a property definition, a comparison operator, and a value to compare property definition instances against. See section 3.2.1.7.2 for details.

property definition: An FSRM object that encapsulates a metadata definition that indicates the name of the metadata object and the type of values associated with it. See section 3.2.1.6.1 for details.

property schema: A collection of FSRM objects that define the metadata parameters that can be assigned to files.

property value: The value assigned to the property definition instance associated with a file.

quota template: A group of default quotas that can be applied to a site collection. It is stored in the configuration database.

relative distinguished name (RDN): The name of an object relative to its parent. This is the leftmost attribute-value pair in the distinguished name (DN) of an object. For example, in the DN "cn=Peter Houston, ou=NTDEV, dc=microsoft, dc=com", the RDN is "cn=Peter Houston". For more information, see [RFC2251].

remote procedure call (RPC): A communication protocol used primarily between client and server. The term has three definitions that are often used interchangeably: a runtime environment providing for communication facilities between computers (the RPC runtime); a set of request-and-response message exchanges between computers (the RPC exchange); and the single message from an RPC exchange (the RPC message). For more information, see [C706].

report job: An FSRM object that specifies a set of directories to be scanned to generate one or more different report types that allow an administrator to analyze how the storage in the directories in question is used. The job can also be associated with a scheduled task that will trigger report generation. See section 3.2.1.5.1 for details.

RPC protocol sequence: A character string that represents a valid combination of a remote procedure call (RPC) protocol, a network layer protocol, and a transport layer protocol, as described in [C706] and [MS-RPCE].

security audit log: An event log that records audited security events on the server.

security identifier (SID): An identifier for security principals that is used to identify an account or a group. Conceptually, the SID is composed of an account authority portion (typically a domain) and a smaller integer representing an identity relative to the account authority, termed the relative identifier (RID). The SID format is specified in [MS-DTYP] section 2.4.2; a string representation of SIDs is specified in [MS-DTYP] section 2.4.2 and [MS-AZOD] section 1.1.1.2.

storage module: A module definition that encapsulates a mechanism to persist and/or provide property definition instances for individual files on a file server.

Transmission Control Protocol (TCP): A protocol used with the Internet Protocol (IP) to send data in the form of message units between computers over the Internet. TCP handles keeping track of the individual units of data (called packets) that a message is divided into for efficient routing through the Internet.

Unicode: A character encoding standard developed by the Unicode Consortium that represents almost all of the written languages of the world. The Unicode standard [UNICODE5.0.0/2007] provides three forms (UTF-8, UTF-16, and UTF-32) and seven schemes (UTF-8, UTF-16, UTF-16 BE, UTF-16 LE, UTF-32, UTF-32 LE, and UTF-32 BE).

unique identifier (UID): A pair consisting of a GUID and a version sequence number to identify each resource uniquely. The UID is used to track the object for its entire lifetime through any number of times that the object is modified or renamed.

Universal Naming Convention (UNC): A string format that specifies the location of a resource. For more information, see [MS-DTYP] section 2.2.57.

universally unique identifier (UUID): A 128-bit value. UUIDs can be used for multiple purposes, from tagging objects with an extremely short lifetime, to reliably identifying very persistent objects in cross-process communication such as client and server interfaces, manager entry-point vectors, and RPC objects. UUIDs are highly likely to be unique. UUIDs are also known as globally unique identifiers (GUIDs) and these terms are used interchangeably in the Microsoft protocol technical documents (TDs). Interchanging the usage of these terms does not imply or require a specific algorithm or mechanism to generate the UUID. Specifically, the use of this term does not imply or require that the algorithms described in [RFC4122] or [C706] must be used for generating the UUID.

user principal name (UPN): A user account name (sometimes referred to as the user logon name) and a domain name that identifies the domain in which the user account is located. This is the standard usage for logging on to a Windows domain. The format is: someone@example.com (in the form of an email address). In Active Directory, the UPN is the userPrincipalName attribute of the account object, as described in [MS-ADTS].

volume: A group of one or more partitions that forms a logical region of storage and the basis for a file system. A volume is an area on a storage device that is managed by the file system as a discrete logical storage unit. A partition contains at least one volume, and a volume can exist on one or more partitions.

volume identifier (VolumeId): A 128-bit value used to represent a volume. The value of a VolumeId is unique on a single computer (the local file system or a remote file server).

XML: The Extensible Markup Language, as described in [XML1.0].

XML schema: A description of a type of XML document that is typically expressed in terms of constraints on the structure and content of documents of that type, in addition to the basic syntax constraints that are imposed by XML itself. An XML schema provides a view of a document type at a relatively high level of abstraction.

XML Schema (XSD): A language that defines the elements, attributes, namespaces, and data types for XML documents as defined by [XMLSCHEMA1/2] and [XMLSCHEMA2/2] standards. An XML schema uses XML syntax for its language.

MAY, SHOULD, MUST, SHOULD NOT, MUST NOT: These terms (in all caps) are used as defined in [RFC2119]. All statements of optional behavior use either MAY, SHOULD, or SHOULD NOT.