Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 NTFS Permissions and Sharing Printers 1
Overview NTFS Architecture NTFS Permissions & Guidelines NTFS Special Permissions Sharing Printers Managing and Troubleshooting Printers Required: Windows 7 Virtual Machine Fall Nassau Community College ITE153 – Operating Systems
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 Windows 7 Professional NTFS Permissions and Sharing Printers 3
NTFS NTFS is a high-performance and self-healing file system proprietary to Windows XP Vista NT & Windows 7, which supports file-level security, compression and auditing It also supports large volumes and powerful storage solution such as RAID Fall 2011 Nassau Community College ITE153 – Operating Systems 4
NTFS Architecture Fall 2011 Nassau Community College ITE153 – Operating Systems 5 ComponentComponent Description Hard diskContains one or more partitions. Boot sectorBootable partition that stores information about the layout of the volume and the file system structures, as well as the boot code that loads Ntdlr. Master Boot RecordContains executable code that the system BIOS loads into memory. The code scans the MBR to find the partition table to determine which partition is the active, or bootable, partition. Ntldlr.dllSwitches the CPU to protected mode, starts the file system, and then reads the contents of the Boot.ini file. This information determines the startup options and initial boot menu selections. Ntfs.sysSystem file driver for NTFS. Ntoskrnl.exeExtracts information about which system device drivers to load and the load order. Kernel modeThe processing mode that allows code to have direct access to all hardware and memory in the system. User modeThe processing mode in which applications run.
NTFS Permissions Shared Folder permissions are only at the folder level Files within the folder inherit the shared folder permission NTFS permissions can be assigned to a file independently of its parent folder File permissions take precedence over folder permission When NTFS permissions are used in combination with share permissions, the most restrictive permission applies Fall 2011 Nassau Community College ITE153 – Operating Systems 6
NTFS Permissions In Windows Explorer, right-click a file, folder or volume and choose Properties from the context menu. The Properties dialog box appears. Click the Security tab. Under Group or user names, select or add a group or user. At the bottom, allow or deny one of the available permissions. Fall 2011 Nassau Community College ITE153 – Operating Systems 7
NTFS Permissions The NTFS permission levels are as follows: Full Control - Users can do anything to the file, including taking ownership of it. It is recommended that you grant this level of access only to administrators Modify - Users can view and modify files and file properties, including deleting and adding files to a directory or file properties to a file. Users cannot take ownership or change permissions on the file Read & Execute - Users can run executable files, including scripts List Folder Contents - Users can view a list of a folder's contents Read - Users can view files and file properties Write - Users can write to a file. Fall 2011 Nassau Community College ITE153 – Operating Systems 8
NTFS Permissions Guidelines Use the following guidelines when you assign NTFS permissions: To simplify administration, group files into application, data, and home folders. Centralize home and public folders on a volume that is separate from applications and the operating system. Doing so provides the following benefits: You assign permissions only to folders, not to individual files Backup is less complex because you don't need to back up application files, and all home and public folders are in one location Allow users only the level of access that they require. If a user only needs to read a file, assign the Read permission to his or her user account for the file. This reduces the possibility of users accidentally modifying or deleting important documents and application files. Fall 2011 Nassau Community College ITE153 – Operating Systems 9
NTFS Permissions Guidelines Create groups according to the access that the group members require for resources, and then assign the appropriate permissions to the group. Assign permissions to individual user accounts only when necessary When you assign permissions for working with data or application folders, assign the Read & Execute permission to the Users group and the Administrators group. This prevents application files from being accidentally deleted or damaged by users or viruses Deny permissions only when it is essential to deny specific access to a specific user account or group Encourage users to assign permissions to the files and folders that they create and educate them about how to do so Fall 2011 Nassau Community College ITE153 – Operating Systems 10
NTFS Permission Combinations Rules Fall 2011 Nassau Community College ITE153 – Operating Systems 11
NTFS Permission Inheritance Fall 2011 Nassau Community College ITE153 – Operating Systems 12
Special NTFS Permissions There are fourteen special permissions to fine-tune your security Click the Advanced button on the Security tab, then click the Effective Permissions tab Fall 2011 Nassau Community College ITE153 – Operating Systems 13
Special NTFS Permissions Fall 2011 Nassau Community College ITE153 – Operating Systems 14 IMPORTANT: Groups or users who are granted Full Control on a folder can delete any files in that folder regardless of the permissions that protect the file.
Lab A: NTFS Permissions Fall Nassau Community College ITE153 – Operating Systems
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 Windows 7 Professional Sharing Printers 16
Sharing Printers Printer Environment Printer Printer Port Printer Driver Printer Spooling Print Directory Network Fall 2011 Nassau Community College ITE153 – Operating Systems 17
Shared Folders Fall 2011 Nassau Community College ITE153 – Operating Systems 18
Connecting a Network Printer You can use the Add Printer Wizard to make things easy The UNC is back but in this format: \\printservername\sharename \\printservername\sharename You can use Active Directory to Find a printer in the Directory You will probably have to create a TCP/IP port Fall 2011 Nassau Community College ITE153 – Operating Systems 19
Adding a Printer Fall 2011 Nassau Community College ITE153 – Operating Systems 20
Print Management Fall 2011 Nassau Community College ITE153 – Operating Systems 21
Print Services Fall 2011 Nassau Community College ITE153 – Operating Systems 22
Print Services Fall 2011 Nassau Community College ITE153 – Operating Systems 23
Linux Printing The new CUPS interface recognizes many printers. Specific printers not recognized can often be installed using instructions found at the Linux Foundation OpenPrinting database.CUPSthe Linux Foundation OpenPrinting database Add a Printer Menu -> System -> Administration -> Printing -> Server -> New -> Printer Most of the time, your printer (if connected and turned on) will be detected automatically. e.g., my network printer with its own IP address at was correctly installed at hp:/net/Photosmart_D110_series?zc=HP54DDCF You can also choose printers on a Windows system via Samba and other types of networked printers, in addition to directly connected printers.Samba Use CUPS web interface From any web browser, go to the URL: Fall 2011 Nassau Community College ITE153 – Operating Systems 24
Lab B: Sharing Printers Fall Nassau Community College ITE153 – Operating Systems
Important URLS NTFS Technical Reference - What it is, how it works, and tools to use. NTFS Technical Reference NTFS.com - everything you ever wanted to know about NTFS NTFS.com Securing Resources with NTFS Permissions - good, practical tutorial on NTFS permissions Securing Resources with NTFS Permissions CUPS - Command Line Unix Printing, this is a great site for help in setting up printers in Linux CUPS SAMBA - This software providers interoperability between Windows and everything else SAMBA Windows 2008 Server Print Management - lots of helpful information from Microsoft Windows 2008 Server Print Management Fall 2011 Nassau Community College ITE153 – Operating Systems 26
Homework Review the Slides Review Lessons 10 &11 In The Text Fall 2011 Nassau Community College ITE153 – Operating Systems 27