1 / 18

IOS110 Introduction to Operating Systems using Windows Session 8

IOS110 Introduction to Operating Systems using Windows Session 8. 1. Objectives: Shared Folders NTFS. Shared Folders. Shared Folders. Shared Folders Permissions apply to all entries in the folder (as the name implies) No affect on local users

elga
Download Presentation

IOS110 Introduction to Operating Systems using Windows Session 8

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IOS110 Introduction to Operating Systems using Windows Session 8 1

  2. Objectives: • Shared Folders • NTFS

  3. Shared Folders

  4. Shared Folders • Shared Folders • Permissions apply to all entries in the folder (as the name implies) • No affect on local users • Files/Folders on FAT/FAT2 partitions can only be secured by Shared Folder permissions only – NTFS permissions cannot be applied • A new shared folder defaults to the group Everyone, with Full Control permissions • The only built-in groups that can share a folder are: • Administrators • Power Users • Permissions that can be granted on a Shared Folder are: • Read (display folder names, files names, file data and attributes. Run executables. Navigate to folders within the Shared Folder • Change – All Read Permissions and: Create folders, add files to folders, change data in files, append data in files • Full Control – All Read and Change permissions and: change file permissions, take ownership of files. • Deny – Used to override permissions already in place. For example, a new employee may have access to a set of folders as they are members of a group. However, until their probation is over, they may be denied accessing some of the folders. • A folder can be shared more than once with different names – this is a means to solve the 8.3 filename restriction on older operating systems • Permissions can be customized 4

  5. Shared Folders • Points to Ponder • Denying permission overrides all other shared permissions that may be applied to a folder • Multiple permissions accumulate • Copying of moving a folder alters the shared permissions associated with that folder • When you share a folder that is located on an NTFS volume, you will still need to consider the NTFS permissions that apply to that folder • When a shared folder and NTFS permissions combine, the most restrictive permissions apply • If a folder resides on an NTFS volume. you will need at least the NTFS Read permission to be able to share that folder at all 5

  6. Shared Folders – Sharing Strategies • Applications • Sharing an application folder on a server is indented to make it available to clients on the network • Install and administer one copy, instead of many copies across the client population • Create a central shared folder to hold all other application folders – permissions can be administered from the top-most application folder • Administrators can be granted Full Control (through Administrative Shared Folders) • After shared has been created – remove Everyone group from the share, and add Users group to the share with Read Permission • If necessary, assign Change Permission to groups such as Power Users – they may need to upgrade software or troubleshoot applications • If necessary, you can create separate shared folders located outside the folder hierarchy fro applications that need customized permissions • When creating permissions, start with the most restrictive set. 6

  7. Shared Folders – Sharing Strategies • Data • Keep data folders separate from application folders • Configure permissions to allow read and write privileges 7

  8. Shared Folders • Connecting to Shared Resources • My Network Places • Windows Explorer • Run Command • Mapping a drive 8

  9. Administrative Shared Folders • Background • When a hierarchy of folders are being shared, they are shared from the root (of the hierarchy) downwards. • Administrative Shares are created at the root of the partition – thus allowing Administrators to manage the PC from the root on down • By default, Administrative Shares are assigned only to the Administrative Group with Full Control • Drives are given the share name of the letter followed by a $: • C$, D$, E$, etc. including the CD-ROM drive • The \WINDOWS folder is given the share name of Admin$ • When the first shared printer is installed, the Administrative Share $Print is created, and points to the directory where printer driver files are stored • Power Users are also given Full Control 9

  10. Shared Folders • Shared Documents Folder • Created when 2 or more local accounts exist • Automatically shared • Used to locally share documents between the local user accounts • When connected to a network, allows the sharing of documents between computers 10

  11. Shared Folders • ForceGuest • For WinXP PCs not connected to a domain • Forces all users logging onto the computer across the network to user the Guest account • No need to have an account on every PC that contains resources you need • Even though you provide a user ID and password, you will only receive Guest-level access – Defaults to a more secure model • Is turned on when WinXP uses the Simple Sharing user interface 11

  12. NTFS

  13. NTFS • Folder Permissions • Read • Write • List Folder Contents • Read and Execute • Modify • Full Control • File Permissions • Read • Write • Read and Execute • Modify • Full Control • Special Access Permissions • 28 variations (14 folder, 14 file) • More granular than the above permissions, and are used to construct the standard permissions: • READ = List Folder/Read Data + Read Attributes + Read Extended Attributes + Read Permissions 13

  14. NTFS • Access Control Lists (ACLs) • Stored with every file and folder on an NTFS volume • ACL is a list of users and groups that have been granted access, as well as the type of access • Access Control Entry (ACE) is a detail record in the ACL • Group Membership and NTFS Permissions • Your permissions are the cumulative permissions of all your group memberships • Is the least restrictive set of permissions • Exception is the Denied permission • File permissions override folder permissions – again the exception is if you are Denied • How File and Folder Permissions Work Together • If there is a conflict between file permissions and folder permissions, the file permissions will apply 14

  15. NTFS • Applying and Modifying NTFS Permissions • WinNT/2K – default was to give Everyone group Full Control on the formatted volume • WinXP – NTFS permissions are applied when you first create a folder: • Administrators • users that own files and folders (Creator Owner) • System group • all get Full Control • Users group • get Read and Execute • To view and modify NTFS permissions you must disable Simple File Sharing • Inheritance of NTFS Permission • Permissions are inherited from parent folder to all is files and to subfolders • Change Permission and Take Ownership Permission • Change Permission: • By default Administrators and file owners can change a file's permissions • The Change permission can be assigned to another user to be able to manage the permissions on files • Take ownership • Can be granted to a user that is taking over the responsibilities of another user • Administrator or original user (Full Control) can grant Take Ownership 15

  16. NTFS • NTFS Permissions and Copying • Same rules as when Copying Compressed Files • NTFS Permissions and Moving • Same rules as when Moving Compressed Files • Modify Permission is required at the source folder so that the file can be deleted • Write permission is required at the destination folder to create the file 16

  17. NTFS • Shared Folder / NTFS permissions • To what objects can you apply these permissions? • Where are these permissions effective • How are multiple permissions accumulated? • When both folder and file permissions are present, which takes precedence? • Shared Folder and NTFS permissions Combined • The most restrictive permissions apply: • (NTFS) + (Shared) = Effective Permission • (Full Control) + (Read) = Read • (Read + Write ) + (Full Control) = Read + Write • (Read) + (Change) = Read • Windows XP provides a tab to view the effective permissions on a file/folder 17

  18. NTFS An Example Payables Users: NTFS:Read & Execute Accountants: NTFS:Write Bob local Users group local Accountant group Bob's effective Permissions = Modify Payables Users: NTFS:Read & Execute Accountants: NTFS:Write Everyone: SF:Read Users: SF:Read Bob's effective Permissions = ? Simple Fix? 18

More Related