1556 a 04
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

1556 a 04

on

  • 715 views

 

Statistics

Views

Total Views
715
Views on SlideShare
715
Embed Views
0

Actions

Likes
0
Downloads
3
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

1556 a 04 Presentation Transcript

  • 1. Module 4:Administering File Resources
  • 2. Overview  Using NTFS Permissions  How Windows 2003 Applies NTFS Permissions  Assigning NTFS Permissions  Copying and Moving Files and Folders  Sharing Resources  Creating Shared Folders  NTFS Permissions and Shared Folders  Troubleshooting Access Problems  Best Practices
  • 3.  Using NTFS Permissions  NTFS Permissions  NTFS Folder Permissions  NTFS File Permissions NTFS Partition C:
  • 4. NTFS Permissions  Specific Permissions Required to Assign Permissions  Permissions Assigned to User Accounts and Groups  Permission Can Be Denied NTFS Partition C: User1 Read User2 No Permission Assigned
  • 5. NTFS Folder Permissions Folder Permissions Read Write List Folder Contents Read & Execute Modify Full Control
  • 6. NTFS File Permissions File ~~~~~~ Permissions ~~~~~~ ~~~~~~ Read ~~~~~~ Write ~~~~ Read & Execute Modify Full Control
  • 7.  How Windows 2003 Applies NTFS Permissions  Multiple NTFS Permissions  NTFS Permissions Inheritance  Default NTFS Permissions  Class Discussion: Applying NTFS Permissions
  • 8. Multiple NTFS Permissions  NTFS Permissions Are Cumulative  File Permissions Override Folder Permissions  Deny Overrides Other Permissions NTFS Partition C: Read / Write FolderA GroupB Write User1 Read Read / Write File1 Read File2GroupADeny Write to File2
  • 9. NTFS Permissions Inheritance Read / Write FolderA Inherit Permissions Access to FolderB FolderB Read / Write FolderA Prevent Inheritance FolderB No access to FolderB FolderC
  • 10. Default NTFS Permissions  NTFS Permissions Automatically Assigned  When a partition is formatted with NTFS  When a folder or file is created  When a user account is added to a folder
  • 11. Class Discussion: Applying NTFS Permissions  Users Group NTFS Partition Write to Folder1 C:  Sales Group Read to Folder1 Folder1 Users Group  Users Group Read to Folder1 Doc1 User1  Sales Group Write to Folder2 Folder2  Users Group Modify to Folder1  Doc2 should only be Doc2 accessible to Sales Sales Group Group, and only for read access
  • 12.  Assigning NTFS Permissions  Guidelines for Assigning NTFS Permissions  Setting NTFS Permissions  Controlling Permissions Inheritance
  • 13. Guidelines for Assigning NTFS Permissions Group Resources to Simplify Administration Assign Only the Permissions That Users Need Create Groups According to Resource Access Needs Assign Read & Execute Permissions for Application Folders Assign Appropriate Permissions to Users and File Owner for Public Data Assign Permissions Rather Than Deny Permissions
  • 14. Setting NTFS PermissionsFolder1 Properties General Web Sharing Sharing Security Name Add... Everyone Select Users, Computers, or Groups Remove Look in: Entire Directory Name In Folder BATCH Full Control INTERACTIVE Modify SERVICE Read & Execute Administrator nwtraders. com Guest nwtraders. com List Folder Contents IUSR_SERVER1 nwtraders. com Read Write Name: Advanced... Check Names You have selected the following objects: Allow inheritable permissions from parent to propagate to this object. Name In Folder Administrator nwtraders.com OK Cancel Apply
  • 15. Controlling Permissions InheritanceFolder1 Properties General Web Sharing Sharing Security Name Add... Everyone Remove Security You are preventing any inheritable permissions from propagating to this object. What do you want to do? Full Control - To copy previously inherited permissions to this object, click Copy. Modify - To Remove the inherited permissions and keep only the permissions Read & Execute explicitly specified on this object, click Remove. List Folder Contents - To abort this operation, click Cancel. Read Write Copy Remove Cancel Advanced... Allow inheritable permissions from parent to propagate to this object. OK Cancel Apply
  • 16.  Copying and Moving Files and Folders  Copying Files and Folders  Moving Files and Folders  Class Discussion: Copying and Moving Files
  • 17. Copying Files and Folders NTFS Partition NTFS Partition NTFS Partition C: C: D: Copy CopyPermissions = Permissions = Permissions = Permissions = Full Control Destination Folder Full Control Destination Folder NTFS Partition Non-NTFS Partition C: Copy Permissions = Lose NTFS Read, Write Permission Full Control Permissions
  • 18. Moving Files and Folders NTFS Partition NTFS Partition NTFS Partition C: C: D: Move MovePermissions = Permissions = Permissions = Permissions = Full Control Full Control Full Control Destination Folder NTFS Partition Non-NTFS Partition C: Move Permissions = Lose NTFS Write, Modify Permissions Full Control Permissions
  • 19. Class Discussion: Copying and Moving Files NTFS Partition NTFS Partition (C:) (D:) FC Users Data None Mary Move FileA FileA Public M Copy FileA Move Group 1
  • 20.  Sharing Resources  Using Shared Folders  Applying Shared Folder Permissions  How Shared Folder Permissions Are Applied  Guidelines for Administering Shared Folders
  • 21. Using Shared Folders  Apply Shared Folders Permissions Only to Entire Folder  Provide Only Network Security  Provide Security on Non-NTFS Volumes  Default Shared Folder Permission Is Full Control  A User Added to a Shared Folder Gets Read Permission  A Copy of a Shared Folder Is Not Shared  A Shared Folder Appears As an Icon of a Hand Holding a Folder Applications Data
  • 22. Applying Shared Folder Permissions Shared Folder Permissions Data Read Change Full Control  You Can Allow or Deny Shared Folder Permissions
  • 23. How Shared Folder Permissions Are Applied  Multiple Shared Folder Permissions Combine  Deny Overrides Other Permissions Data Group Change (Read) Change User File Read
  • 24. Guidelines for Administering Shared Folders Replace the Default Everyone Group with the Users Group Organize Resources According to Security Requirements Use Intuitive Share Names That All Client Computers Can Use
  • 25.  Creating Shared Folders  Requirements for Sharing Folders  Sharing a Folder  Assigning Shared Folder Permissions  Modifying Shared Folders  Connecting to Shared Folders  Administrative Shared Folders
  • 26. Requirements for Sharing Folders Operating system and role of computer Group Administrators or Windows 2003 Server As Domain Controller Server Operators Windows 2003 Server As Member Server Administrators or Windows 2003 Professional As Client Computer Power Users
  • 27. Sharing a Folder Applications Properties General Web Sharing Sharing Security You can share this folder among other users on your network. To enable sharing for this folder, click Share this folder. Do not share this folder Share this folderRequired Share name: Applications Comment: Application files User Limit: Maximum allowed Allow Users To set permissions for how users access this folder over the network, click Permissions. Permissions To configure settings for offline access to Caching this shared folder, click Caching. OK Cancel Apply
  • 28. Assigning Shared Folder PermissionsPermissions for Applications Security Name Add... Everyone Remove Select Users, Computers, or Groups Classroom1 Name In Folder Account Operators Classroom1 Permissions: Allow Deny Print Operators Classroom1 ANONYMOUS LOGON Classroom1 Full Control Authenticated Users Classroom1 Change BATCH Classroom1 Read CREATOR GROUP Classroom1 CREATOR OWNER Classroom1 Name: Check Names You have selected the following objects: OK Cancel Apply Name In Folder Account Operators Classroom1
  • 29. Modifying Shared Folders Applications Properties General Web Sharing Sharing Security You can share this folder among other users on your network. To enable sharing for this folder, click Share this folder. Do not share this folder Share this folder Applications Share name: Application files Comment: Maximum allowed User Limit: Allow 25 Users To set permissions for how users access Permissions this folder over the network, click Permissions. To configure settings for offline access to Caching this shared folder, click Caching. New Share OK Cancel Apply
  • 30. Connecting to Shared Folders  Open and Save Dialog Boxes of Most Applications My Network Open Places  Run on the Start Menu Explore Search for Computers… Map Network Drive Windows can help you connect to a shared network folder Map NetworkDrive… Network Drive… and assign a drive letter to the connection so that you can access the folder using My Computer. Disconnect Network Drive… Specify the drive letter for the connection and the folder that you want to connect to: Create Shortcut Drive: E: Rename Path: instructor1public Browse... Properties Example: servershare Reconnect at logon Connect using a different user name. Connect to a Web folder or FTP site. <Back Finish Cancel
  • 31. Administrative Shared Folders Share Purpose C$, D$, E$ The root of each partition is automatically shared Admin$ The C:Winnt folder is shared as Admin$ When the first printer is created, the folder Print$ containing the printer driver files is shared as Print$
  • 32.  NTFS Permissions and Shared Folders  Combining NTFS Permissions with Shared Folders  Securing Resources with NTFS Permissions  Class Discussion: Shared Folders and NTFS Permissions
  • 33. Combining NTFS Permissions with Shared Folders  Shared Folder Permissions Provide Less Security Than NTFS Permissions  Different NTFS Permissions Can Be Assigned for Each File and Folder in a Shared Folder  Shared Folder Permissions and NTFS Permissions Are Needed to Gain Access to Files on NTFS Volumes  Using Shared Folder Permissions to Control Access Increases Administrative Overhead  NTFS Permissions and Shared Folder Permissions Combine According to Different Rules
  • 34. Securing Resources with NTFS Permissions Four Steps Identify File Resources to Share Add These Files to a Folder Secure Folder with NTFS Permissions Share the Folder
  • 35. Class Discussion: Shared Folders and NTFS Permissions NTFS Partition C: Users Group FC Home User1 FC NTFS Permission User1 User2 FC NTFS Permission User2
  • 36. Troubleshooting Access ProblemsErr or No Access Permission Assigned to User or GroupErr or Permissions May Have ChangedErr or Changed Permissions Do Not Take Effect
  • 37. Best Practices Assign NTFS Permissions Before You Share a Folder Use Share Names Accessible by All Client Computers Organize Resources to Simplify Permission Assignments Assign Permissions to Groups Rather Than to Individual Users Remove Everyone Group and Assign Permissions to Users Group Document Locations of Shared Folders and Permissions Assign the Most Restrictive Permissions
  • 38. Review  Using NTFS Permissions  How Windows 2003 Applies NTFS Permissions  Assigning NTFS Permissions  Copying and Moving Files and Folders  Sharing Resources  Creating Shared Folders  NTFS Permissions and Shared Folders  Troubleshooting Access Problems  Best Practices