Applying NTFS Permissions

You apply NTFS permissions through Windows Explorer. Right-click the file or folder that you want to control access to and select Properties from the popup menu. This brings up the folder or file Properties dialog box. Figure 7.1 shows a folder Properties dialog box.

The process for configuring NTFS permissions for folders and files is the same. The examples in this chapter use a folder, because NTFS permissions are most commonly applied at the folder level.

FIGURE 7.1 The folder Properties dialog box

General | Sharing ] Security]

l

| Test

Location:

Size:

Size on disk: Contains:

File Folder DA

0 bytes 0 bytes

0 Files, 0 Folders

Created:

Today, March 23,2000,1:04:01 PM

Attributes:

Read-only Advanced... j Hidden

OK | Cancel

The tabs in the file or folder Properties dialog box depend on the options that have been configured for your computer. For files and folders on NTFS partitions, the dialog box will contain a Security tab, which is where you configure NTFS permissions. (The Security tab is not present in the Properties dialog box for files or folders on FAT partitions, because FAT partitions do not support local security.) The Security tab lists the users and groups that have been assigned permissions to the folder (or file). When you click a user or group in the top half of the dialog box, you see the permissions that have been allowed or denied for that user or group in the lower half of the dialog box, as shown in Figure 7.2.

FIGURE 7.2 The Security tab of the folder Properties dialog box

General | Sharing Security |

Name

¡33 Everyone

¡33 Users (SAMPLE\Users)

Jjxj

Remove

Emissions:

Allow

Deny

Full Control

Modify

Read & Execute

0

List Folder Contents

0

Read

0

Write

Allow inheritable permissions from parent to propagate to this object

Allow inheritable permissions from parent to propagate to this object

Apply

To apply NTFS permissions, take the following steps:

1. In Windows Explorer, right-click the file or folder that you want to control access to, select Properties from the pop-up menu, and click the Security tab of the Properties dialog box.

2. Click the Add button to open the Select Users, Computers, or Groups dialog box, shown in Figure 7.3. You can select users in the computer's local database or your domain (or trusted domains) from the list box at the top of the dialog box. The list box at the bottom of the dialog box lists all of the groups and users for the location that was specified in the top list box.

FIGURE 7.3 The Select Users, Computers, or Groups dialog box

FIGURE 7.3 The Select Users, Computers, or Groups dialog box

3. Click the user, computer, or group that you wish to add and click the Add button. The user, computer, or group appears in the bottom list box. Use Ctrl+click to select noncontiguous users, computers, or groups or use Shift+click to select contiguous users, computers, or groups.

4. You return to the Security tab of the folder Properties dialog box. Highlight each user, computer, or group in the top list box individually and specify the NTFS permissions that should be applied. When you are finished, click the OK button.

Through the Advanced button of the Security tab, you can configure more granular NTFS permissions, such as Traverse Folder/Execute File and Read Attributes permissions.

To remove the NTFS permissions for a user, computer, or group, highlight the user, computer, or group you wish to remove in the Security tab and click the Remove button. Note that if the permissions are being inherited, you must first uncheck the Allow Inheritable Permissions from Parent to Propagate to This Object check box before removing the permissions.

Be careful when you remove NTFS permissions. Unlike when you delete most other types of items in Windows 2000 Server, you won't be asked to confirm the removal of NTFS permissions.

0 0

Post a comment