Of Windows 2003 NTFS and Permissions

Previous page
Table of content
Next page
team lib

NTFS is a file system just like FAT and FAT32 (the 32-bit File Allocation Table used in Windows 98) are file systems. The difference between NTFS and these other file systems is that NTFS is an object-oriented file system . Unlike FAT and FAT32, NTFS sees everything in NTFS partitions as objects of some specific type that have attributes and to which methods and services can be applied. The benefit of using NTFS is that you can set permissions for the volumes , files, and directories that use NTFS.

In fact, NTFS recognizes three types of objects:

  • Volumes: The NTFS-formatted drive partitions that show up as disk drive icons. A volume object may contain files and directories.

  • Directories: Named containers for files that occur in a volume or in some other directory. In fact, Windows 2003 allows you to nest directories however deep you want, which means that you can put as many directories within directories within directories as you like (although nested directories reach a point of diminishing returns fairly quickly).

  • Files: Named containers for data that include type, size , dates, and content among their attributes. Files are where information actually resides in NTFS.

Tip 

To examine the permissions for any object in NTFS, right-click that object in Windows Explorer, My Computer, or Active Directory Sites and Services. In the pop-up menu, select Properties and then click the Security tab. At the bottom of the Security dialog box, you see the Permissions section (as shown in Figure 16-1). From here, you can investigate the list of available permissions for this object (volume E on our hard drive in this case) through the list that appears in the Permissions section in the lower half of the screen.

click to expand
Figure 16-1: The Permissions list shows you all the permissions that apply to the object.

NTFS permissions

The Permissions list shows permissions for files, volumes, and directory objects in NTFS. NTFS file, volume, and directory permissions are similar. The only real differences are that container objects offer child inheritance options and a few permissions apply only to containers. We use the generic term container to refer to volumes and directories in other words, objects that act as parents to child objects.

Windows 2003 has a slightly different method of permission assignments and permission restrictions than what is used in Windows NT, but the same method as what is used in Windows 2000. First and foremost, it does not have the No Access permission. Instead, all permissions are either granted or restricted using an Allow or Deny setting. Selecting Deny for all possible permissions for an NTFS object under Windows 2003 is the same as the No Access setting in Windows NT.

The standard or normal NTFS permissions are

  • Read grants users the ability to view and access the contents of the folder or file.

  • Write (folders) grants users the ability to create new folders and files within the folder.

  • Write (files) grants users the ability to change the contents of a file and to alter its attributes.

  • List Folder Contents (folders only) grants users the ability to see the names of the contents of a folder.

  • Read & Execute (folders) grants users the ability to view and access the contents of the folder or file and to execute files.

  • Read & Execute (files) grants users the ability to view and execute files.

  • Modify (folders) grants users the ability to delete a folder and its contents, to create new files and folders within a folder, and to view and access the contents of a folder.

  • Modify (files) grants users the ability to delete a file, change the contents of a file, alter a file's attributes, and to view and access a file.

  • Full Control (folders) grants users unrestricted access to all of the functions of files and folders.

  • Full Control (files) grants users unrestricted access to all of the functions of files.

Advanced permissions

Advanced permissions are detailed controls that can be used to create special access rights when the standard compliment of permissions don't properly apply. Advanced controls are accessed by clicking the Advanced button on the Permissions tab of an NTFS object. This reveals the Advanced Security Settings dialog box, which has four tabs: Permissions, Auditing, Owner, and Effective Permissions. The Permissions tab is used to define special-detail permissions. The Auditing tab is used to define the auditing scheme. The Owner tab is used to view the current owner or take ownership of an object. The Effective Permissions tab displays the permissions a user or group has on the current object based on all applicable permission settings.

On the Permissions tab, users or groups can be added and their specific permissions defined. The possible selections are

  • Full Control

  • Traverse Folder/Execute File

  • List Folder/Read Data

  • Read Attributes

  • Read Extended Attributes

  • Create Files/Write Data

  • Create Folders/Append Data

  • Write Attributes

  • Write Extended Attributes

  • Delete

  • Read Permissions

  • Change Permissions

  • Take Ownership

If you really must dig up all the details on special access rights, please consult Microsoft's TechNet CD and the Windows Server 2003 Resource Kit.

team lib

Previous page
Table of content
Next page
Windows Server 2003 for Dummies
Windows Server 2003 for Dummies
ISBN: 0764516337
EAN: 2147483647
Year: 2003
Pages: 195
Authors: Ed Tittel, James Michael Stewart
BUY ON AMAZON
Database Modeling with MicrosoftВ® Visio for Enterprise Architects (The Morgan Kaufmann Series in Data Management Systems)
The CISSP and CAP Prep Guide: Platinum Edition
Building Web Applications with UML (2nd Edition)
The Complete Cisco VPN Configuration Guide
Cisco IOS Cookbook (Cookbooks (OReilly))
PostgreSQL(c) The comprehensive guide to building, programming, and administering PostgreSQL databases
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy