How do I… Secure Windows XP NTFS files and shares? – Part V

NTFS permissions permit applying more granular rights, as compared to folder shares

 

 

NTFS Permissions
Windows NTFS permissions provide a host of additional permissions options. In addition, NTFS permissions can be applied to a single file or folder.
Before configuring NTFS permissions, first ensure the Windows XP system is configured to use the NTFS file system:

  1. Click Start.
  2. Click Run.
  3. Type compmgmt.msc and click OK. The Computer Management console will appear.
  4. Highlight Disk Management within the Storage section to learn the file system in use for each of the system’s drives.

If a hard disk or partition isn’t formatted using NTFS, you can upgrade the disk by typing convert X: /fs:ntfs where X denotes the drive requiring the upgrade. Using the convert command, you can upgrade a drive to NTFS without losing its data. However, it’s always best to confirm you have a working backup on hand before executing the command.
To configure NTFS permissions:

  1. Right-click the file or folder you wish to share.
  2. Select Properties from the pop-up menu.
  3. Click the Security tab.
  4. Use the Add/Remove buttons to add and remove permissions for users and groups.
  5. Highlight the respective user or group within the Group Or User Names window and specify the appropriate permissions from within the Permissions For User/Group window using the provided Allow and Deny checkboxes.
  6. Click OK to apply the changes.

Note that, by default, subfolders will inherit permissions from parent folders. To customize permissions inheritance, click the Advanced button found on the share or filename’s Properties dialog box.
Several NTFS permissions are available:

  • Full Control — enables a user or group to perform essentially all actions, including view files and subfolders, execute application files, list folder contents, read and execute files, change file and folder attributes, create new files, append data to files, delete files and folders, change file and folder permissions and take ownership of files and folders.
  • Modify — enables a user or group to view files and subfolders, execute application files, list folder contents, view file and folder attributes, change file and folder attributes, create new files and folders, append file data and delete files.
  • Read & Execute — enables a user or group to view files and folders, execute application files, list folder contents, read file data and view file and folder attributes.
  • List Folder Contents — enables a user or group to navigate folders, list folder contents and view file and folder attributes.
  • Read — enables a user or group to view a folder’s contents, read data and view file and folder attributes.
  • Write — enables a user or group to change file and folder attributes, create new files, make changes to files and create new folders and append file data.

ref: http://content.techrepublic.com.com/2346-10877_11-63838-1.html

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: