C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING. INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in.

Slides:



Advertisements
Similar presentations
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.
Advertisements

1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.
1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
1 File systems security: Shared folders & NTFS permissions, EFS (Week 6, Monday 2/12/2007) © Abdou Illia, Spring 2007.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 6: Configure and Troubleshoot Local User and Group Accounts.
Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 NTFS Permissions and Sharing Printers 1.
By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.
7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.
Group Accounts; Securing Resources with Permissions
Microsoft ® Official Course Module 7 Configuring File Access and Printers on Windows ® 8 Clients.
Corso referenti S.I.R.A. – Modulo 2 Local Security 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW Create and manage file system shares and work with.
Access Control Lists and NTFS Permissions INFO333 – Lecture Mariusz Nowostawski Noria Foukia.
Corso referenti S.I.R.A. – Modulo 2 07 – Group Policy 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory Chapter 9: Active Directory Authentication and Security.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+
1 Group Account Administration Introduction to Groups Planning a Group Strategy Creating Groups Understanding Default Groups Groups for Administrators.
Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.
With Windows XP, you can share files and documents with other users on your computer and with other users on a network. There is a new user interface.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 5: Managing File Access.
IOS110 Introduction to Operating Systems using Windows Session 8 1.
Module 4 Managing Access to Resources in Active Directory ® Domain Services.
Managing Groups, Folders, Files and Security Local Domain local Global Universal Objects Folders Permissions Inheritance Access Control List NTFS Permissions.
1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.
Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.
© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
Introduction to Microsoft Management Console (MMC) MMC is a common console framework for management applications. MMC provides a common environment for.
Implementing Group Policy. Overview What is Group Policy Introduction to Group Policy Group Policy Structure How Group Policy Settings Are Applied in.
1 Administering Shared Folders Understanding Shared Folders Planning Shared Folders Sharing Folders Combining Shared Folder Permissions and NTFS Permissions.
Module 3 Configuring File Access and Printers on Windows ® 7 Clients.
Module 3 Configuring File Access and Printers on Windows 7 Clients.
Guide to MCSE , Second Edition, Enhanced1 The Windows XP Security Model User must logon with: Valid user ID Password User receives access token Access.
Module 3: Configuring File Access and Printers on Windows 7 Clients
Chapter 8 Configuring and Managing Shared Folder Security.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 11: Managing Access to File System Resources.
Page 1 NTFS and Share Permissions Lecture 6 Hassan Shuja 10/26/2004.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 11: Group Policy for Corporate Policy.
1 Chapter Overview Managing Object and Container Permissions Locating and Moving Active Directory Objects Delegating Control Troubleshooting Active Directory.
Administering Group Policy Chapter Eleven. Exam Objectives in this Chapter  Plan a Group Policy strategy using Resultant Set of Policy Planning mode.
Lecture 6 File, Folder and Share Security. Objectives Managing file and folder security.
NetTech Solutions Security and Security Permissions Lesson Nine.
1 Introduction to NTFS Permissions Assign NTFS permissions to specify Which users and groups can gain access to folders and files What they can do with.
Module 4: Managing Access to Resources. Overview Overview of Managing Access to Resources Managing Access to Shared Folders Managing Access to Files and.
Module 4: Managing Access to Resources. Overview Overview of Managing Access to Resources Managing Access to Shared Folders Managing Access to Files and.
Configuring and Managing Resource Access Lecture 5.
4.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 12: Implementing Security.
1 Introduction to Shared Folders Shared folders provide network users access to files. Users connect to the shared folder over the network. Users must.
IS 4506 Windows NTFS and IIS Security Features.  Overview Windows NTFS Server security Internet Information Server security features Securing communication.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
11/06/ أساسيات الأتصال و الشبكات Communication & Networks Fundamentals lab 5.
Unit 8 NT1330 Client-Server Networking II Date: 2?10/2016
11 SUPPORTING WINDOWS XP FILE AND FOLDER ACCESS Chapter 5.
ITMT Windows 7 Configuration Chapter 6 – Sharing Resource ITMT 1371 – Windows 7 Configuration 1.
Introducing, Installing, and Upgrading Windows 7
Introduction to NTFS Permissions
Module 4: Managing Access to Resources
Unit 8 NT1330 Client-Server Networking II Date: 8/2/2016
Windows Vista Inside Out
Presentation transcript:

C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING

INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in FAT files type. NTFS permission is used to identify which users & groups can gain access to the files & folders.

FILE PERMISSION & FOLDER PERMISSION Standard permission = permissions that controls a broad range of permissions. Ex: Full control Folders have same standard permissions as files but Folder has extra standard permission which is ‘List Folder Contents’

S TANDARD NTFS FILE & FOLDER PERMISSION

P LANNING NTFS PERMISSIONS Guidelines to follow before assigning permissions: Group the files into application, data & home folders to simplify administration Benefit: assign permissions only to folders not to the individual files, backup is less complex. Allow users only the level of access that they require Create group according to the access that the group member requires for resources. Assign the read & execute permission to the user group & administrator when you assign permission to work with data / application folders. Assign read & execute permission & the write permission to the users group. Full Control permission to owner for public data folders.

P LANNING NTFS PERMISSIONS Deny permissions only when it is essential to deny specific access to a specific user account / group. Encourage users to assign permissions to the files & folders that they create & educate them about how to do so.

T AKE OWNERSHIP OF FILES & FOLDERS Every object (files & folders) on an NTFS volume has an owner who controls how permissions are set on the object & to whom permissions are granted. When a user creates an object, the user automatically becomes the object’s owner. The owner of a file, an administrator or anyone with Full Control permission can assign Take Ownership permission to a user account / group.

T AKE OWNERSHIP OF FILES & FOLDERS The following rules apply for taking ownership of file/folder. Current owner / user with Full Control can assign the full control standard permissions or the Take Ownership special access permission to another user account / group. Administrator can take ownership of a file or folder. If an administrator takes ownership, the Administrator group can become the owner & any member from this group can change the permissions for file & folders and assign the Take Ownership permission to other group/user

N TFS PERMISSIONS INHERITANCE By default, permissions that you assign to the parent folder are inherited to the subfolders 7 files contained in the parent folder. You can also prevent this inheritance by un-checking the ‘Inherit from parent the permission entries that apply to child objects’ box.

E FFECTS ON COPYING FILES & FOLDERS Permissions change when you copy files/folders from one folder to another or from one volume to another. Ex: if you copy folders to the FAT volumes, the folder will lose their NTFS permissions.

E FFECTS ON COPYING FILES & FOLDERS When you copy a file within or between NTFS volumes, note the following; Windows XP professional treats it as a new file & takes on the permissions of the destination folder. You must have write permission for the destination folder to copy files & folders. You become the creator and owner.

E FFECTS ON COPYING FILES & FOLDERS When you move a file or folder within NTFS volume; The file / folder retains the original permissions. You must have write permission for the destination folder to move files & folders to it. You must have modify permission for the source file/folder You become the creator & owner.

E FFECTS ON COPYING FILES & FOLDERS When you move a file / folder between NTFS volumes: The file/folder inherits the permissions of the destination folder. You must have the write permission for the destination folder to move files & folders into it. You must have the modify permission for the source file / folder. You become the creator & owner.

O VERVIEW OF SECURITY POLICY Security policy = to be secure for a system, organization or other entity. There are 2 types of policies in Windows XP Professional; Local security policy – applied to specific computers that are members of a workgroup Group policy – applied to sites, domain & it effects all computers or users that are members of the container to which the group policy is assigned.

L OCAL SECURITY POLICY Allows you to implement security relevant settings on a local computer such as group membership, permissions & rights, password requirements, desktop setting etc. Some of the settings are: Account policy – password policies Local policies – audit policy, user right & security option Public key policies – used to configure encrypted data recovery agent & trusted certificate authorities. Software restriction policies – prevent unwanted applications IP security policies – configure the security of network internet protocol System services – manage security setting such as print services, internet services, network services etc Registry – to manage registry subkeys & entries File system – manage security settings on local file system

G ROUP POLICY Administrators primary tool for controlling how programs, network resources & the Operating system behaves. It can be configured at the local level / within the active directory structure. Administrators can manage the group policy components such as enforce password history, administrative templates, security settings, software installation, scripts and folder redirection.

C ONFIGURING ACCOUNT POLICY Account policy = a policy that controls the password requirements & how the system responds to invalid logon attempts. 2 ways to configure; Password policy & Account lockout policy

C ONFIGURING ACCOUNT POLICY

C ONFIGURING USER RIGHT Administrators can assign specific rights to group accounts / individual user accounts. These rights authorize users to perform specific actions such as logging on the system interactively or backing up files / directories. It is recommended that user rights should be assigned only to groups & not the individual group accounts. 2 types of user rights ; privileges & Logon rights

C ONFIGURING SECURITY OPTIONS Windows XP Professional’s special security options are grouped into the following categories: accounts, audit, devices, domain controller, domain member, interactive logon, microsoft network client, network access, network security, recovery console, shutdown, system cryptography & system objects. These options can be accessed in the Local Security window which is inside the Local policy Folder.

S ECURITY OPTIONS

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.