Let’s say for a moment that it’s been a big family dinner and you’ve got one massive pie left for dessert. You ask who wants pie, and four people each say they want pie. You divide the pie equally among the four people and each person receives the same size slice.
Before you’re done serving, though, not only has one person eaten their entire slice, but they’re actively trying to eat some of the pie from the person next to them. It won’t take long for them to be told no, and like it or not, they’ve had their fair share.
Disk quotas are very much like this scenario: multiple people sharing the storage with a maximum amount of total storage available. To manage this, everyone is given a particular amount of space assigned to them — sometimes more, sometimes less depending on need. Sometimes it’s possible to get away with just asking someone “hey, can you try to keep your used space below this amount, please?” Other times, though, they can completely surpass that amount without even trying, just due to the way that data grows. That’s where disk quotas come into play.
What are disk quotas?
The first thing we need to clarify is our terminology, because there are actually two different types of disk quotas: file-based and space-based. File-based limits the number of files that a user can create, while space-based limits the amount of disk space a user can use to store data. For the purposes of Windows 10, we’re going to focus solely on the space-based limits as that is what they focus on significantly more.
Disk quotas in the context of Windows 10, and by extension Windows Server, revolve around assigning users and user groups limits to how much space they can use in a given storage area. Sometimes this can mean a single physical drive like the C: drive on an individual workstation, right on up to permissions for an entire group on network-attached storage.
Why should we use disk quotas?
In some cases this is a very valid question. Spinning disk storage (standard hard disk drives) are CHEAP — incredibly so, considering where we were not very long ago. In fact, the amount of storage a single person can have in a regular desktop system now could have been considered inconceivable more than, say, 10-15 years ago. For instance, if we look at historical prices for hard disk storage, a 26-megabyte spinning hard disk in 1980 cost $5,000 USD. If we fast-forward to today, a quick search found a 12-terabyte (that’s 12,000,000 megabytes) spinning hard disk available for $175 USD. (With free shipping!). For just sheer raw space, it’s really hard to argue with this technology — but there are limitations.
Both individual storage systems and large storage arrays have been steadily moving away from spinning disk and into solid-state drives for benefits in both data access speed and longevity.Spinning disks have one critical problem — they spin. Constantly. This creates fatigue in the working parts and reduces the estimated lifetime of the drive. Solid-state drives (SSDs) do not use this sort of method, and as a result, have a significantly higher estimated time before failure.
The problem with SSDs, on the other hand, is that they haven’t really been in the market long enough to reach the same price-per-gigabyte level of their counterparts yet. What this means is that you will pay significantly more for the same amount of storage if you choose to get an SSD.
So back to the point of this question — why should we use a disk quota? Because storage will always be limited, one way or another, when it is on a physical device. On top of this, operating systems always require at least a minimum amount of space to run safely, and we want to keep at least some reserve space available for adding on additional programs and updates later on. Therefore, we want to have user data in areas that are not on the C: drive as much as possible, which lends itself quite well to disk quotas.
But even if we have additional data drives that we are carving up for users, we still want to make sure that storage needs do not rapidly increase without adequate warnings. Disk quotas give both the administrators and users warnings as they approach particular thresholds — first a warning as they are starting to get there, and then a hard limit as they reach the maximum authorized storage.
In addition, there are more than a few types of malware that attempt to deny access to systems by filling the storage all the way up with junk or encrypted data. By denying anyone that doesn’t need it this ability, it gives one more layer of safety and stability to our systems.
Setting up disk quotas
One important thing to consider: disk quotas work best when implemented before users have started using the disk. This is because disk quotas may be initially disabled for users that already have files on the drive. To access disk quota options, we want to first go to File Explorer.
Once in File Explorer, we’ll want to right-click on the drive we want to set up disk quotas for and select Properties. At the top of this screen, you’ll want to click on the Quota tab.
Once you click on Show Quota Settings, it will bring up the Quota options dialog box.
Clicking the Enable Quota Management checkbox will activate disk quotas. After this, you can dial in your exact space requirements, along with options such as “Deny disk space to users exceeding quota limit”. Any settings set here will be for all users across the system; however, if you want to dial in the settings on a per-user basis, you can click on Quota Entries to adjust their settings accordingly.
You can right click on any of the existing entries and select Properties to set/update the quota, or go up to the Quota dropdown menu to select New Entry and select a user you wish to create a quota for.
Disk quotas are a basic tenet of system administration, even though they do take a bit of dialing in to get the right settings for your particular environment. Once you understand the concepts and ways to implement them, though, they are a wonderful tool that will help out tremendously. However, this is only one tool that assists in making system administration and information security significantly easier and more effective.