As mentioned, the share permissions are meaningless when someone is accessing files and folders locally. You can still secure files locally, however, if you use NTFS permissions. Before you do so, you need to take two preliminary steps:
Once you take these steps, you'll see the Security tab when examining the Properties of a file or folder stored on and NTFS partition. As shown in Figure 11-7, the Security tab contains an ACL where you set NTFS permissions. Like share permissions, you can have very granular control over permissions for individual users and groups. The NTFS permissions are more powerful and flexible than share level permissions, though.
Figure 11-7. NTFS permissions are set with the Security tab.
NTFS permissions are a function of NTFS attributes, a full discussion of which is beyond the scope of this book. You can view the individual NTFS attributes by clicking on the Advanced button, but I'll let you explore that on your own.
Here's what's important to keep straight about NTFS permissions:
And finally this, which merits a separate paragraph: when NTFS and share permissions are combined, the effective permission is the most restrictive permission. For example, if a user is granted the share-level permission Full Control and the NTFS permission Read, the effective permission is… Read. (It's confusing, I know, but you've got it in writing, so you can re-read this chunk if necessary.)