Presentation is loading. Please wait.

Presentation is loading. Please wait.

Managing Data by Using NTFS

Published byZoe Campbell Modified over 5 years ago

Similar presentations

Presentation on theme: "Managing Data by Using NTFS"— Presentation transcript:

1 Managing Data by Using NTFS

2 Overview Introduction to NTFS Permissions
How Windows 2008 Applies NTFS Permissions Using NTFS Permissions Using Special NTFS Permissions Compressing Data on an NTFS Partition Configuring Disk Quotas on NTFS Partitions

3 Introduction to NTFS Permissions
NTFS Partition ACL User1 User2 Read Group1 Full Control

4 Access Control List The ACL (access control list) contains a list of all user accounts, groups and computer that have been granted access for the file or folder The ACL must contain an entry called an access control entry (ACE) for the user accounts, groups , or computer to which the user belongs . if no ACE exists in the ACL , windows 2008 denies the user access to the resource .

5 NTFS Permissions You use NTFS Permissions to specify which users, groups, and computers can access files and folders . NTFS Permissions also dictate what users , groups , and computers can do with the contents of the file or folder .

6 NTFS Folder Permissions
Read Write List Folder Contents Read & Execute Modify Full Control

7 NTFS File Permissions Read Write Read & Execute Modify Full Control

8 How Windows 2000 Applies NTFS Permissions
Multiple NTFS Permissions NTFS Permissions Inheritance Copying and Moving Files and Folders Class Discussion: Applying NTFS Permissions

9 Multiple NTFS Permissions
NTFS Permissions Are Cumulative File Permissions Override Folder Permissions Deny Overrides Other Permissions NTFS Partition Folder A Read/Write Group B Write File1 User1 Read File2 Group A Deny Write to File2

10 NTFS Permissions Are Cumulative
A users effective permissions for a resource are the combination of the NTFS permissions that you grant to the individual user account and the NTFS permissions that you grant to the groups to which the user belongs . For example , if a user has the read permission for a folder and is a member of a group with the write permission for the same folder , then the user has both the read and write permissions for that folder .

11 File Permissions Override Folder Permissions
NTFS File Permissions take priority over NTFS Folder Permissions . For example , a user with the change permission for a file will be able to make changes to the file even if he or she has only the read permission for the folder containing the file .

12 Deny Overrides Other Permissions
You can Deny access to a specific file or folder by granting the deny permission to the user account or group . Even if a user has permission to access the file or folder as amember of a group . The deny permission is an exception to the cumulative rule . You should avoid denying permission because it is easier to allow access to users and groups than to specifically deny access .

13 NTFS Permissions Inheritance
Folder A Access to File 1 No Access to File 1 Prevent Inheritance Permission Inheritance File1 Read/Write

14 NTFS Permissions Inheritance
Whatever permissions you grant for a parent folder also apply to the subfolders and files that are contained within . When you grant NTFS permission to give access to folder , you grant permissions for the folder , for any existing files and subfolders , and for any new files and subfolders that are created in the folder .

15 Prevent Permissions Inheritance
You can prevent Permissions Inheritance , thereby preventing subfolders and files from inheriting permissions from parent folders . The subfolder for witch you prevent permission inheritance from its parent folder new becomes the new parent folder .

16 Copying and Moving Files and Folders
NTFS Partition D:\ E:\ C:\ All Copying Inherits Permissions Only Moving to the Same Partition Retains Permissions Copy Move Copy or Move

17 Copying Files and Folders
When you copy a folder or file within a single NTFS partition , the copy of the folder or file inherits the permissions for the destination folder . When you copy a folder or file between NTFS partition , the copy of the folder or file inherits the permissions of the destination folder . When you copy a folders or files to non- NTFS partitions such as file allocation table (FAT) , the folders and files lose their NTFS permissions , because non- NTFS partitions do not support NTFS permissions .

18 Moving Files and Folders
When you move a folder or file within an NTFS partition , the folder or file retains its original permissions. When you move a folder or file between NTFS partition , the folder or file inherits the permissions of the destination folder . When you move a folders or files to non- NTFS partitions such as file allocation table (FAT) , the folders and files lose their NTFS permissions , because non- NTFS partitions do not support NTFS permissions .

19 Class Discussion: Applying NTFS Permissions
Users Group Write to Folder1 Sales Group Read to Folder1 Users Group Read to Folder1 Sales Group Write to Folder2 NTFS Partition File2 Folder1 Folder2 File1 Users Group Sales Group User1

20 Using NTFS Permissions
Granting NTFS Permissions Setting Permission Inheritance Best Practices for Granting NTFS Permissions

21 Granting NTFS Permissions
Folder1 Properties General Web Sharing Sharing Security Name Add... Everyone Remove Permissions Full Control Modify Read & Execute List Folder Contents Read Write Advanced... Allow inheritable permissions from parent to propagate to this object. OK Cancel Apply

22 Setting Permission Inheritance
Folder1 Properties General Web Sharing Sharing Security Name Everyone Add... Remove Advanced... OK Cancel Apply Allow inheritable permissions from parent to propagate to this object. Full Control Modify Read & Execute List Folder Contents Read Write You are preventing any inheritable permissions from propagating to this object. What do you want to do? - To copy previously inherited permissions to this object, click Copy. - To remove the inherited permissions and keep only the permissions explicitly specified on this object, click Remove. - To abort this operation, click Cancel. Copy Remove Cancel Security Permissions

23 Best Practices for Granting NTFS Permissions
Grant Permissions to Groups As Opposed to Users Only Allow Users the Level of Access That They Require Grant Read & Execute and Write Permissions for Data Folders Grant Read & Execute Permissions for Application Folders Create Groups According to the Access That the Group Members Require

24 Using Special NTFS Permissions
Introduction to Special NTFS Permissions Granting Special NTFS Permissions

25 Introduction to Special NTFS Permissions
Permission to Change Permissions & Take Ownership Owner, Administrator ~~~~~~~~~~~~~~~~~~~~ Change Permissions Take Ownership Standard Permission Special Access Permissions Read Read Data Read Attributes Read Permissions Read Extended Attributes Users, Groups

26 Granting Special NTFS Permissions
Program Files Properties Access Control Settings for Program Files Permission Entry for Program Files General Web Sharing Sharing Security Permissions Auditing Owner Object Type Name Permission Allow Administrators (NWTR… Full Control Allow Authenticated Users Read & Exec… Allow Creator Owner Full Control Allow Server Operators (NWT… Modify Allow System Full Control Add... This permission is inherited directly on this object and inheriting permissions, clear the checkbox below. You parent object where it is defined. This permission is Remove View/Edit... Allow inheritable permissions from parent to propagate Reset permissions on all child objects and enable prop permissions. OK Cancel Clear All Apply these permissions to objects and/or containers within this container only Permissions: Allow Deny Name: Administrators [(NWTRADERS\Admi Change... Apply onto: This folder, subfolders and files Traverse Folder / Execute File List Folder / Read Data Read Attributes Read Extended Attributes Create Files / Write Data Create Folders / Append Data Write Attributes Write Extended Attributes Delete Subfolders and Files Delete Read Permissions Change Permissions Take Ownership

27 Compressing Data on an NTFS Partition
Introduction to Compressed Files and Folders Compressing Files and Folders Copying and Moving Compressed Files and Folders Best Practices for Compressing Data

28 Introduction to Compressed Files and Folders
Space Allocation Compression State Display Color Access to Compressed Files Through Applications NTFS Partition FileB FileA

29 Compressing Files and Folders
Advanced Attributes Choose the settings you want for this folder FolderA Properties General Web Sharing Sharing Security FolderA Type: Location: Size: Size on disk: Contains: Created: Attributes: File Folder C:\ 0 bytes 2.00 KB (2,048 bytes) 1 Files, 0 Folders Wednesday, September 16, 1998, 10:44:01 AM Read-only Hidden Advanced... OK Cancel Apply When you apply these changes you will be asked if you want the changes to affect all subfolders and files as well. Archive and Index attributes Folder is ready for archiving For fast searching, all Indexing Service to index this folder Compress or Encrypt attributes Compress contents to save disk space Encrypt contents to secure data OK Cancel

30 Copying and Moving Compressed Files and Folders
NTFS Partition A Copy NTFS Partition B Move Inherits Inherits Retains NTFS Partition C Copy NTFS Partition Move Inherits D

31 Best Practices for Compressing Data
Determine Which File Types to Compress Do Not Compress Already Compressed Files Use Different Display Colors for Compressed Files and Folders Compress Static Data Rather Than Data That Changes Frequently

32 Configuring Disk Quotas on NTFS Partitions
Using Disk Quotas Setting Disk Quotas

33 Using Disk Quotas Usage Calculation Based on File and Folder Ownership
Compression Ignored When Calculating Usage Free Space for Applications Based on Quota Limit Disk Quotas Tracked for Each NTFS Partition

34 Setting Disk Quotas Option Description Enable quota management
Enable disk quota management Deny disk space to users exceeding quota limit Users cannot write to volume when they exceed their hard disk space allocation Do not limit disk usage No hard disk space limit for users Limit disk space to Specify amount of disk space users can use Set warning level to Specify amount of disk space users can fill before event is logged Quota Entries Add entries, delete entries, view properties for entries NTFS Partition User MB User 2 35 MB

35 Encrypting a Folder or File.
From page 39 in Module 6:managing Data by Using NTFS.

Download ppt "Managing Data by Using NTFS"

Similar presentations

When you combine NTFS permissions and share permissions the most restrictive effective permission applies. For example, if you share a folder and assign.

When you combine NTFS permissions and share permissions the most restrictive effective permission applies. For example, if you share a folder and assign.
1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.

1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.
1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.

1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
1 File systems security: Shared folders & NTFS permissions, EFS (Week 6, Monday 2/12/2007) © Abdou Illia, Spring 2007.

1 File systems security: Shared folders & NTFS permissions, EFS (Week 6, Monday 2/12/2007) © Abdou Illia, Spring 2007.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
1 Distributed File System, and Disk Quotas (Week 7, Thursday 2/21/2007) © Abdou Illia, Spring 2007.

1 Distributed File System, and Disk Quotas (Week 7, Thursday 2/21/2007) © Abdou Illia, Spring 2007.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
MIS 431 - Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.

MIS Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
70-270, 70-290 MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.

70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.

11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.
By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.

By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.
Module 6: Managing Data Storage. Overview Managing File Compression Configuring File Encryption Implementing Disk Quotas.

Module 6: Managing Data Storage. Overview Managing File Compression Configuring File Encryption Implementing Disk Quotas.
1 Chapter Overview Managing Compression Managing Disk Quotas Increasing Security with EFS Using Disk Defragmenter, Check Disk, and Disk Cleanup.

1 Chapter Overview Managing Compression Managing Disk Quotas Increasing Security with EFS Using Disk Defragmenter, Check Disk, and Disk Cleanup.
1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.

1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.
File systems security: Shared folders & NTFS permissions, EFS Disk Quotas (March 30, 2015) © Abdou Illia, Spring 2015.

File systems security: Shared folders & NTFS permissions, EFS Disk Quotas (March 30, 2015) © Abdou Illia, Spring 2015.
Group Accounts; Securing Resources with Permissions

Group Accounts; Securing Resources with Permissions
1 Using Compressed Files and Folders Applications and operating systems read and write to compressed files. NTFS uncompresses the file before making it.

1 Using Compressed Files and Folders Applications and operating systems read and write to compressed files. NTFS uncompresses the file before making it.
Microsoft ® Official Course Module 7 Configuring File Access and Printers on Windows ® 8 Clients.

Microsoft ® Official Course Module 7 Configuring File Access and Printers on Windows ® 8 Clients.

Similar presentations

Ads by Google