chapter 5 managing file access l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Chapter 5 – Managing File Access PowerPoint Presentation
Download Presentation
Chapter 5 – Managing File Access

Loading in 2 Seconds...

play fullscreen
1 / 15

Chapter 5 – Managing File Access - PowerPoint PPT Presentation


  • 231 Views
  • Uploaded on

Chapter 5 – Managing File Access. MIS 431 Created Spring 2006. Permissions!!. The main reason for implementing a network is to allow users to access shared resources. Resources such as files, folders, and printers are secured in WS03 via use of permissions.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Chapter 5 – Managing File Access' - Olivia


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
chapter 5 managing file access

Chapter 5 – Managing File Access

MIS 431 Created Spring 2006

MIS 431 - Chapter 5

permissions
Permissions!!
  • The main reason for implementing a network is to allow users to access shared resources.
  • Resources such as files, folders, and printers are secured in WS03 via use of permissions.
  • WS03 handles both FAT and NTFS volumes, but NTFS is assumed – a richer permission environment.

MIS 431 - Chapter 5

ws03 file systems
WS03 File Systems
  • FAT – up to 4 GB; limitations are small partition size and no file security features
  • FAT32 – up to 2 TB partitions but no file security features
  • NTFS – version 5 in WS03
    • Supports up to 16 TB (terabytes)
    • Greater scalability over FAT and better performance
    • Support for WS03 AD – DC must have an NTFS partition
    • Built-in encryption and compression
    • Configure disk quotas for users
    • Support for remote storage and removable media
    • Recovery logging of disk activities for faster recovery after a failure

MIS 431 - Chapter 5

creating managing shared folders
Creating & Managing Shared Folders
  • A shared folder is a data resource that is made available over network to auth. Users
  • Users must have proper rights to create a shared folder
    • Be in the Administrators or Server Operators groups
    • Be in the Power Users group on WS03 servers that are not domain controllers

MIS 431 - Chapter 5

to create a shared folder
To Create a Shared Folder
  • Using Windows Explorer (Activity 5-1)
    • Rt click on folder and click Sharing Tab - see figure 5-2 on p. 185
    • Choose Share this folder, give share name, and specify Permissions
    • Folder has shared icon (hand underneath)
  • Administrative share name: Admin$
    • Has dollar sign at end and is hidden
    • Only Administrators can see and access root of the drive with C$ or D$

MIS 431 - Chapter 5

to create a shared folder contd
To Create a Shared Folder, contd.
  • Using Computer Management (Act. 5-2) MMC
    • Use the Share a Folder Wizard in Shared Folders section: expand and click Shares
    • The wizard also lets you configure permissions
      • All users have read-only access (Everyone group has Read permission)
      • Administrators have full access; others read-only
      • Administrators have full access; others read and write
      • Custom share permissions – Allows both share and NTFS permissions to be defined manually by group and/or user
  • Using net share command from command line.

MIS 431 - Chapter 5

monitoring access to shared folders
Monitoring Access to Shared Folders
  • Keep track of the number of users connected to specific resources
    • Use Computer Management MMC – examine Sessions and Open Files lines
    • Can Rt-click Computer Management (Local) and choose Connect to manage a different server in the domain.
  • Can disconnect a user or open file connection: rt-click the entry in the Details pane and choose Close Open File or Close Session – takes place immediately.

MIS 431 - Chapter 5

shared folder permissions
Shared Folder Permissions
  • DACL – discretionary access control list
    • Part of the security descriptor with list of users that have been
      • Allowed access to that resource
      • Disallowed access to that resource
    • Applies to network only, not users logged in locally to that computer

MIS 431 - Chapter 5

more ws03 permissions
More WS03 Permissions…
  • Permissions in WS03
    • Read – browse file and folder names, read contents, execute programs
    • Change – same as Read plus ability to add or delete files in the folder; also can read and edit contents of existing files
    • FullControl – same as Read and Change plus ability to change permissions for the folder

MIS 431 - Chapter 5

implementing ws03 permissions
Implementing WS03 Permissions
  • See Act. 5-3
    • Click Sharing tab and then Permissions button
    • Within Group or user names list box
      • Click Add
      • Enter a group name or a user name, click OK
      • In Allow column, select Full, Change, or Read
      • In Deny column, select Full, Change, or Read
    • DENY trumps Allow: don’t deny and allow same thing!

MIS 431 - Chapter 5

ntfs permissions
NTFS Permissions
  • These add to the WS03 permissions and give finer control
  • NTFS Permission Concepts:
    • Configure with Security tab
    • Permissions are cumulative: they add based on individual and group permissions
    • Denied permissions always override
    • Folder permissions are inherited by child folders and files unless otherwise specified
    • Can be set at a file level as well as folder level
    • Default is Read; Read & Execute; List Folder Contents

MIS 431 - Chapter 5

standard ntfs fig 5 12 p 198
Standard NTFS (Fig 5-12 p. 198)
  • Full Control – make any changes
  • Modify – Full except permission to delete subfolders and files, change permissions, or take ownership
  • Read & Execute – Can traverse folders, list folders, read attributes & permissions; inherited by folders and files
  • List Folder Contents – Same as Read & Execute but inherited only by folders
  • Read – Same as Read & Execute except without permission to traverse folders
  • Write – Create files and folders, write attributes, read permissions, synchronize
  • Special – can choose custom combination (see Table 5-3)
    • See Activity 5-5

MIS 431 - Chapter 5

determine effective permissions
Determine Effective Permissions
  • Much better technique in WS03
    • Rt-click a folder
    • Click Effective Permissions tab in Advanced Security Settings dialog box (Act. 5-6)
    • Select a user or group, and read the effective permissions for that folder by that user/group

MIS 431 - Chapter 5

combining shared folder and ntfs permissions act 5 7
Combining Shared Folder and NTFS Permissions (Act. 5-7)
  • When combining WS03 and NTFS:
    • When a user access a share across the network, the permissions combine
    • Most restrictive of the two becomes the effective permission
    • When a user accesses a file locally, only NTFS permissions apply.

MIS 431 - Chapter 5

convert fat partition to ntfs
Convert FAT Partition to NTFS
  • Use command line utility called CONVERT to convert a FAT or FAT32 partition to NTFS 5.
  • In Activity 5-8, you will use Disk Management to create a new partition
    • Requires that you have space available.
    • Specify FAT32 for this partition and size
    • Give name and drive letter (in this case, F:)
    • Then create a folder and examine properties
    • Do Start | Run | Convert f:/fs:ntfs

MIS 431 - Chapter 5