.png?width=100&auto=webp&quality=80&disable=upscale "Picture of John Savill")
.png?width=400&auto=webp&quality=80&disable=upscale "John Savill")
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Storing NTFS Classification Data
Wondering how classification data is stored in NTFS? Learn the answer here.
John Savill
May 10, 2013
1 Min Read
Q: How is NTFS file classification data stored?
A: Classifying data has become a more important capability to organizations and is native to Windows Server 2008 R2 and later. Data classification properties are stored in several ways. For all data, classification data is stored as an NTFS alternate data stream, which can be seen if you examine a file with classification data (notice the FSRM stream):
PS E:UNSC> get-item .master_chief_eyes.jpg -Stream *
FileName: E:UNSCmaster_chief_eyes.jpgStream Length------ ------:$DATA 39060FSRM{ef88c031-595... 144Using NTFS alternate data streams allows the classification to follow the data, provided it's moved or copied between NTFS volumes. But it would be lost if moved to non-NTFS volumes, which includes ReFS (which does not support alternate data streams), or if the data is attached in something such as an email.
For Office documents, the classification data is also stored within the application data. This means the classification travels with the document, if loaded to SharePoint.
In Windows Server 2012, the classification data is also stored in the security descriptor of the data to allow authorization control based on classification (Dynamic Access Control).
About the Author
You May Also Like
.jpg?width=700&auto=webp&quality=80&disable=upscale)
