1 / 33

Mastering Windows Server 2003 Group Accounts & Access Control

Learn to manage folder, file, and printer access in Windows Server 2003 using group accounts efficiently. Understand group scope, membership rules, best practices, and troubleshooting methods to control access to resources effectively.

jamieh
Download Presentation

Mastering Windows Server 2003 Group Accounts & Access Control

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lesson 8-Crowd Control: Controlling Access to Resources Using Groups by Rashid Khan

  2. Overview • Windows Server 2003 group accounts. • Manage folder, file, and printer access. • Troubleshoot share and access control problems. by Rashid Khan

  3. Windows Server 2003 Group Accounts • Group accounts are used to assign permissions to groups of users. • Windows Server 2003 offers domain local groups, global groups, and universal groups. by Rashid Khan

  4. Windows Server 2003 Group Accounts • Group scope and membership rules. • Best practices for using group accounts. by Rashid Khan

  5. Group Scope and Membership Rules The scope of a group determines: • The group’s ability to access resources within the logical structure of the network. • The accounts that can join a group as a member, and whether or not each group can join other groups. by Rashid Khan

  6. Group Scope and Membership Rules Domain Local Groups Scope and Membership Rules by Rashid Khan

  7. Group Scope and Membership Rules Global Groups Scope and Membership Rules by Rashid Khan

  8. Group Scope and Membership Rules Universal Groups Scope and Membership Rules by Rashid Khan

  9. Best Practices for Using Group Accounts • Group accounts are created in the Active Directory. • Most group management tasks are performed using the group’s properties dialog box. by Rashid Khan

  10. Best Practices for Using Group Accounts Group’s Properties dialog box by Rashid Khan

  11. Best Practices for Using Group Accounts • Domain local groups can be used to represent the resources being shared on the network. • Global groups should be used to hold user and/or computer accounts that are similar in function and/or their need to access resources. • Universal groups are used to provide users in one domain access to resources in any other domain in the forest. by Rashid Khan

  12. Manage Folder, File, and Printer Access • Share permissions • NTFS permissions • Printer permissions by Rashid Khan

  13. Share Permissions Permissions dialog box for a shared folder by Rashid Khan

  14. Share Permissions The Read permission enables users to: • Run programs. • Open and view data files. • View the names of all files and folders within the shared folder. by Rashid Khan

  15. Share Permissions The Change permission enables users to: • Change data files. • Add and remove files and subfolders within the shared folder. by Rashid Khan

  16. Share Permissions Full Control permission is used to: • Change permissions on the shared folder. • Add new users and set their access level. by Rashid Khan

  17. NTFS Permissions NTFS permissions: • Determine what users can do with the files and folders stored on an NTFS-formatted hard drive. • Apply whether the files or folders are accessed over the network or locally. by Rashid Khan

  18. NTFS Permissions • Standard permissions • Special permissions • Inheritance • Ownership • Effective permissions by Rashid Khan

  19. Standard Permissions NTFS permissions for a folder by Rashid Khan

  20. Standard Permissions NTFS Standard Permissions As They Apply to Folders and Files by Rashid Khan

  21. Special Permissions Advanced Security Settings dialog box for a folder by Rashid Khan

  22. Special Permissions Permission Entry dialog box for a folder by Rashid Khan

  23. Inheritance • By default, all permissions applied to the parent folder are inherited by the files and subfolders it contains. • Inheritance can be modified through the Advanced Security Settings dialog box. by Rashid Khan

  24. Ownership • The Owner tab is used to change the owner of a file or folder. • By default, the ownership of a file or folder belongs to the account that created it. by Rashid Khan

  25. Effective Permissions • The Effective Permissions tab provides a quick analysis of the effective permission for a user or group account. • Effective permission is the overall effect of all combined permissions inherited from group membership. by Rashid Khan

  26. Printer Permissions • Standard printer permissions. • Special printer permissions. by Rashid Khan

  27. Standard Printer Permissions The standard printer permissions are: • Print • Manage Printers • Manage Documents by Rashid Khan

  28. Standard Printer Permissions Printer permissions are found on the Security tab of the printer’s properties dialog box. by Rashid Khan

  29. Special Printer Permissions Special printer permissions by Rashid Khan

  30. Troubleshoot Share and Access Control Problems • Check share and NTFS partitions. • Use the Effective Permissions utility. by Rashid Khan

  31. Troubleshoot Share and Access Control Problems • Check group membership. • Check special permissions. by Rashid Khan

  32. Summary • Windows Server 2003 offers domain local groups, global groups, and universal groups. • Share and NTFS permissions must be properly configured for file and folder resources to be usable. • Share permissions include Read, Change, and Full Control. by Rashid Khan

  33. Summary • NTFS standard permissions include Write, Read, List Folder Contents, Read & Execute, Modify, and Full Control. • The standard printer permissions are Print, Manage Printers, and Manage Documents. • Aspects such as share and NTFS permissions, group membership, and special permissions must be checked to troubleshoot share and access control problems. by Rashid Khan

More Related