Lesson 4: Configuring File and Share Access

Slides:



Advertisements
Similar presentations
Chapter 5: Database Forms and Reports
Advertisements

Lesson 17: Configuring Security Policies
1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.
MOAC : Installing and Configuring Windows Server 2012
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
MIS Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.
Lesson 4: Configuring File and Share Access
Lesson 14: Creating and Managing Active Directory Users and Computers
Lesson 1: Configuring Network Load Balancing
Lesson 5: Configuring Print and Document Services
Lesson 19: Configuring Windows Firewall
Lesson 16: Creating Group Policy Objects
Lesson 2: Configuring Servers
Lesson 18: Configuring Application Restriction Policies
By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.
Lesson 9: Creating and Configuring Virtual Networks
5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW Create and manage file system shares and work with.
Chapter 5 File and Printer Services
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 6: Windows File and Print Services.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.
Lesson 13: Building Web Forms Introduction to Adobe Dreamweaver CS6 Adobe Certified Associate: Web Communication using Adobe Dreamweaver CS6.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+
Week 9 Objectives Securing Files and Folders Protecting Shared Files and Folders by Using Shadow Copies Configuring Network Printing.
Implementing File and Print Services
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 5: Managing File Access.
IOS110 Introduction to Operating Systems using Windows Session 8 1.
Managing Groups, Folders, Files and Security Local Domain local Global Universal Objects Folders Permissions Inheritance Access Control List NTFS Permissions.
Chapter 9: SHARING FILE SYSTEM RESOURCES1 CHAPTER OVERVIEW  Create and manage file system shares and work with share permissions.  Use NTFS file system.
1 Administering Shared Folders Understanding Shared Folders Planning Shared Folders Sharing Folders Combining Shared Folder Permissions and NTFS Permissions.
Copyright © 2000 John Wiley & Sons, Inc. All rights reserved
Module 3 Configuring File Access and Printers on Windows 7 Clients.
Page 1 NTFS and Share Permissions Lecture 6 Hassan Shuja 10/26/2004.
Lesson 3: Migrating and Configuring User Data
Lesson 11: Configuring and Maintaining Network Security
Lesson 23: Configure File Recovery
Lesson 13: Configuring Shared Resources
Lesson 12: Configuring Remote Management
1 Chapter Overview Managing Object and Container Permissions Locating and Moving Active Directory Objects Delegating Control Troubleshooting Active Directory.
5 Lesson 5: Installing and Configuring Desktop Applications and Windows Store Apps MOAC : Configuring Windows 8.1.
Lesson 20: Managing Local Storage MOAC : Configuring Windows 8.1.
Module 4: Managing Access to Resources. Overview Overview of Managing Access to Resources Managing Access to Shared Folders Managing Access to Files and.
Lesson 18: Configuring Security for Mobile Devices MOAC : Configuring Windows 8.1.
Lesson 6: Controlling Access to Local Hardware and Applications
Module 4: Managing Access to Resources. Overview Overview of Managing Access to Resources Managing Access to Shared Folders Managing Access to Files and.
1 Introduction to Shared Folders Shared folders provide network users access to files. Users connect to the shared folder over the network. Users must.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
Lesson 14: Configuring File and Folder Access MOAC : Configuring Windows 8.1.
ITMT Windows 7 Configuration Chapter 6 – Sharing Resource ITMT 1371 – Windows 7 Configuration 1.
Lesson 19: Configuring and Managing Updates
Lesson 5: Configuring Print and Document Services
Lesson 22: Configuring System Recovery
Lesson 6: Configuring Servers for Remote Management
Introduction to NTFS Permissions
Module 4: Managing Access to Resources
Managing Data by Using NTFS
Copyright © 2000 John Wiley & Sons, Inc. All rights reserved
Managing Data by Using NTFS
Copyright © 2000 John Wiley & Sons, Inc. All rights reserved
Introducing NTFS Reliability Security Long file names Efficiency
Creating and Managing Folders
Presentation transcript:

Lesson 4: Configuring File and Share Access MOAC 70-410: Installing and Configuring Windows Server 2012

Overview Exam Objective 2.1: Configure File and Share Access Designing a File Sharing Strategy Creating Folder Shares Assigning Permissions Configuring Volume Shadow Copies Configuring NTFS Quotas Lecture notes go here © 2013 John Wiley & Sons, Inc.

Creating Folder Shares Lesson 4: Configuring File and Share Access Lecture notes go here © 2013 John Wiley & Sons, Inc.

Creating Folder Shares Shares must be created in order for network users to be able to access the disks on the servers. You must determine: What folders you will share What names you will assign to the shares What permissions you will grant users to the shares What Offline Files settings you will use for the shares © 2013 John Wiley & Sons, Inc.

Creator/Owner You can share your own folders. Right-click and select Share with > Specific People to access a simplified interface. Use Sharing tab of the folder’s Properties sheet for greater control. © 2013 John Wiley & Sons, Inc.

Creating Folder Shares The File Sharing dialog box © 2013 John Wiley & Sons, Inc.

Creating Folder Shares The Advanced Sharing dialog box © 2013 John Wiley & Sons, Inc.

Types of Folder Shares Server Message Blocks (SMB) The standard file-sharing protocol used by all versions of Windows. Requires the File Server role service. Network File System (NFS) The standard file sharing protocol used by most UNIX and Linux distributions. Requires the Server for NFS role service. © 2013 John Wiley & Sons, Inc.

Create a Folder Share The Shares homepage © 2013 John Wiley & Sons, Inc.

The Select the profile for this share page in the New Share Wizard Create a Folder Share The Select the profile for this share page in the New Share Wizard © 2013 John Wiley & Sons, Inc.

Create a Folder Share The Select the server and path for this share page of the New Share Wizard © 2013 John Wiley & Sons, Inc.

The Specify share name page of the New Share Wizard Create a Folder Share The Specify share name page of the New Share Wizard © 2013 John Wiley & Sons, Inc.

The Configure share settings page of the New Create a Folder Share The Configure share settings page of the New Share Wizard © 2013 John Wiley & Sons, Inc.

The Specify permissions to control access page of the New Share Wizard Create a Folder Share The Specify permissions to control access page of the New Share Wizard © 2013 John Wiley & Sons, Inc.

The Confirm selections page of the New Share Wizard Create a Folder Share The Confirm selections page of the New Share Wizard © 2013 John Wiley & Sons, Inc.

The new share on the Shares homepage in Create a Folder Share The new share on the Shares homepage in Server Manager © 2013 John Wiley & Sons, Inc.

Assigning Permissions Lesson 4: Configuring File and Share Access Lecture notes go here © 2013 John Wiley & Sons, Inc.

Assigning Permissions The four permissions systems: Share permissions: Control access to folders over a network. NTFS permissions: Control access to the files and folders stored on disk volumes formatted with the NTFS file system. Registry permissions: Control access to specific parts of the Windows registry. Active Directory permissions: Control access to specific parts of an Active Directory Domain Services (AD DS) hierarchy. © 2013 John Wiley & Sons, Inc.

Windows Permissions Architecture Access Control List (ACL) Access Control Entries (ACEs) Security principal Folder ACL Sales – Read Managers – Full Control JSmith – Deny Access ACEs Security Principal Permission © 2013 John Wiley & Sons, Inc.

The Security tab of a Properties sheet Windows Permissions The Security tab of a Properties sheet © 2013 John Wiley & Sons, Inc.

Basic and Advanced Permissions Permissions allow you to grant specific degrees of access to security principals. Preconfigured permission combinations are called Basic Permissions. Advanced Permissions are more granular and can be applied individually, but are rarely used. © 2013 John Wiley & Sons, Inc.

Allowing and Denying Permissions Additive Start with no permissions and then grant Allow permissions (preferred method). Subtractive Start by granting Allow permissions and then grant Deny permissions. © 2013 John Wiley & Sons, Inc.

Inheriting Permissions Permissions run downward through a hierarchy © 2013 John Wiley & Sons, Inc.

Effective Access The combination of Allow permissions and Deny permissions that a security principal receives for a system element: Allow permissions are cumulative. Deny permissions override Allow permissions. Explicit permissions take precedence over inherited permissions. © 2013 John Wiley & Sons, Inc.

The Effective Access tab of the Advanced Security Settings dialog box © 2013 John Wiley & Sons, Inc.

Setting Share Permissions The Share Permissions tab for a shared folder © 2013 John Wiley & Sons, Inc.

Share Permissions Share permission Allows or denies security principals the ability to: Full Control Change file permissions. Take ownership of files. Perform all tasks allowed by the Change permission. Change Create folders. Add files to folders. Change data in files. Append data to files. Change file attributes. Delete folders and files. Perform all actions permitted by the Read permission. Read Display folder names, filenames, file data, and attributes. Execute program files. Access other folders within the shared folder. © 2013 John Wiley & Sons, Inc.

The Permissions page of a share’s Properties sheet in Server Manager Set Share Permissions The Permissions page of a share’s Properties sheet in Server Manager © 2013 John Wiley & Sons, Inc.

Set Share Permissions The Share tab of the Advanced Security Settings dialog box for a share in Server Manager © 2013 John Wiley & Sons, Inc.

A Permission Entry dialog box for a share in Set Share Permissions A Permission Entry dialog box for a share in Server Manager © 2013 John Wiley & Sons, Inc.

A new share permission entry in a share’s access Set Share Permission A new share permission entry in a share’s access control list © 2013 John Wiley & Sons, Inc.

NTFS Authorization NTFS and ReFS support permissions. Every file and folder on an NTFS or ReFS drive has an ACL with ACEs, each of which contains a security principal and their permissions. Security Principals are users and groups identified by Windows using security identifiers (SIDs). During authorization, when a user accesses a file/folder, the system compares the user’s SIDs to those stored in the element’s ACEs to determine that user’s access. © 2013 John Wiley & Sons, Inc.

NTFS Basic Permissions—Full Control Folder File Modify the folder permissions. Take ownership of the folder. Delete subfolders and files contained in the folder. Perform all actions associated with all other NTFS folder permissions. Modify the file permissions. Take ownership of the file. Perform all actions associated with all other NTFS file permissions. On the next several slides, explain what each Standard permission allows a Security Principal to do. © 2013 John Wiley & Sons, Inc.

NTFS Basic Permissions—Modify Folder File Delete the folder. Perform all actions associated with the Write and the Read & Execute permissions. Modify the file. Delete the file. Perform all actions associated with the Write and the Read & Execute permissions. © 2013 John Wiley & Sons, Inc.

NTFS Basic Permissions—Read & Execute Folder File Navigate through restricted folders to reach other files and folders. Perform all actions associated with the Read and List Folder Contents permissions. Perform all actions associated with the Read permission. Run applications. © 2013 John Wiley & Sons, Inc.

NTFS Basic Permissions—List Folder Contents File View the names of the files and subfolders contained in the folder. Not applicable © 2013 John Wiley & Sons, Inc.

NTFS Basic Permissions—Read Folder File See the files and subfolders contained in the folder. View the ownership, permissions, and attributes of the folder. Read the contents of the file. View the ownership, permissions, and attributes of the file. © 2013 John Wiley & Sons, Inc.

NTFS Basic Permissions—Write Folder File Create new files and subfolders inside the folder. Modify the folder attributes. View the ownership and permissions of the folder. Overwrite the file. Modify the file attributes. View the ownership and permissions of the file. © 2013 John Wiley & Sons, Inc.

Assign Basic NTFS Permissions The Advanced Security Settings dialog box for a share in Server Manager © 2013 John Wiley & Sons, Inc.

Assigning Advanced NTFS Permissions The Permission Entry dialog box displaying Advanced Permissions © 2013 John Wiley & Sons, Inc.

Resource Ownership Every file and folder on an NTFS drive has an owner. The owner always has the ability to modify the permissions, even if current permissions settings deny them access. The owner is the person who created the file or folder. Others with the Take Ownership permission can become the owner. © 2013 John Wiley & Sons, Inc.

Combining Share and NTFS Permissions NTFS Volume Shared Folder File A File B Share Permissions NTFS Permissions FC R Everyone © 2013 John Wiley & Sons, Inc.

Configuring Volume Shadow Copies Lesson 4: Configuring File and Share Access Lecture notes go here © 2013 John Wiley & Sons, Inc.

Volume Shadow Copies Allow you to maintain previous versions of files on a server. A copy of a file can be accessed even if a file has been accidentally deleted or overwritten. Can be implemented for entire volumes only. © 2013 John Wiley & Sons, Inc.

Configure Shadow Copies The Shadow Copies dialog box © 2013 John Wiley & Sons, Inc.

Configure Shadow Copies The Settings dialog box © 2013 John Wiley & Sons, Inc.

Configuring NTFS Quotas Lesson 4: Configuring File and Share Access Lecture notes go here © 2013 John Wiley & Sons, Inc.

NTFS Quotas Enable administrators to set a storage limit for users of a particular volume. Users exceeding the limit can be denied access or just receive a warning. Space consumed by users is measured by the size of the files they own or create. © 2013 John Wiley & Sons, Inc.

The Quota tab of a volume’s Properties sheet Configure NTFS Quotas The Quota tab of a volume’s Properties sheet © 2013 John Wiley & Sons, Inc.

Configuring Work Folders Work Folders is a Windows Server 2012 R2 feature that enables administrators to provide their users with synchronized access to their files on multiple workstations and devices, while storing them on a network file server. To set up the Work Folders environment, you install the Work Folders role service in  the File and Storage Services role on a server running Windows Server 2012 R2, and create a new type of share called a sync share . This installs the IIS Hostable Web Core feature , which makes it possible for the server to respond to incoming HTTP requests from Work Folders clients on the network. © 2013 John Wiley & Sons, Inc.

Configuring Work Folders On the client side, you configure Work Folders in the Windows 8.1 Control Panel, specifying the email address of the user and the location of the Work Folders on the local disk. The system also creates a system folder called Work Folders, which appears in File Explorer and in file management dialogs. When the user saves files to the Work Folders on the client system, they are automatically synchronized with the user’s folder on the Work Folders server. © 2013 John Wiley & Sons, Inc.

Lesson Summary Creating folder shares makes the data stored on a file server’s disks accessible to network users. Windows Server 2012 R2 has several sets of permissions that operate independently of each other, including NTFS permissions, share permissions, registry permissions, and Active Directory permissions. NTFS permissions enable you to control access to files and folders by specifying the tasks individual users can perform on them. Share permissions provide rudimentary access control for all of the files on a network share. Network users must have the proper share and NTFS permissions to access file server shares. Access-based enumeration (ABE) applies filters to shared folders based on individual user’s permissions to the files and subfolders in the share. Users who cannot access a particular shared resource are unable to see that resource on the network. Lecture notes go here © 2013 John Wiley & Sons, Inc.

Lesson Summary Offline Files is a Windows feature that enables client systems to maintain local copies of files they access from server shares. Volume Shadow Copies is a Windows Server 2012 feature that enables you to maintain previous versions of files on a server, so that if users accidentally delete or overwrite a file, they can access a copy. You can only implement Shadow Copies for an entire volume; you cannot select specific shares, folders, or files. NTFS quotas enable administrators to set a storage limit for users of a particular volume. Depending on how you configure the quota, users exceeding the limit can be denied disk space, or just receive a warning. Lecture notes go here © 2013 John Wiley & Sons, Inc.

Copyright 2013 John Wiley & Sons, Inc. All rights reserved. Reproduction or translation of this work beyond that named in Section 117 of the 1976 United States Copyright Act without the express written consent of the copyright owner is unlawful. Requests for further information should be addressed to the Permissions Department, John Wiley & Sons, Inc. The purchaser may make back-up copies for his/her own use only and not for distribution or resale. The Publisher assumes no responsibility for errors, omissions, or damages, caused by the use of these programs or from the use of the information contained herein.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.