11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW Create and manage file system shares and work with.

Slides:



Advertisements
Similar presentations
1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.
Advertisements

11 CONFIGURING AND MANAGING SHARED FOLDER SECURITY Chapter 8.
1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.
1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
1 File systems security: Shared folders & NTFS permissions, EFS (Week 6, Monday 2/12/2007) © Abdou Illia, Spring 2007.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
MIS Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Administering Active Directory
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.
Lesson 4: Configuring File and Share Access
By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.
1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.
Group Accounts; Securing Resources with Permissions
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.
Microsoft ® Official Course Module 7 Configuring File Access and Printers on Windows ® 8 Clients.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Chapter 7 WORKING WITH GROUPS.
Chapter 5 File and Printer Services
9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 6: Windows File and Print Services.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+
1 Group Account Administration Introduction to Groups Planning a Group Strategy Creating Groups Understanding Default Groups Groups for Administrators.
Week 9 Objectives Securing Files and Folders Protecting Shared Files and Folders by Using Shadow Copies Configuring Network Printing.
Implementing File and Print Services
Chapter 7: WORKING WITH GROUPS
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 5: Managing File Access.
Microsoft Internet Information Services 5.0 (IIS) By: Edik Magardomyan Fozi Abdurhman Bassem Albaiady Vince Serobyan.
IOS110 Introduction to Operating Systems using Windows Session 8 1.
Course ILT Internet/intranet support Unit objectives Use the Internet Information Services snap-in to manage IIS, Web sites, virtual directories, and WebDAV.
Internet Information Server © N. Ganesan, Ph.D. All Rights Reserved.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 23 Shared Folders 1.
Module 4 Managing Access to Resources in Active Directory ® Domain Services.
Managing Groups, Folders, Files and Security Local Domain local Global Universal Objects Folders Permissions Inheritance Access Control List NTFS Permissions.
Chapter 9: SHARING FILE SYSTEM RESOURCES1 CHAPTER OVERVIEW  Create and manage file system shares and work with share permissions.  Use NTFS file system.
1 Chapter Overview Creating Drive and Folder Shares Using Distributed File System Installing Network Printers Administering Network Printers Managing Share.
1 Administering Shared Folders Understanding Shared Folders Planning Shared Folders Sharing Folders Combining Shared Folder Permissions and NTFS Permissions.
Module 3 Configuring File Access and Printers on Windows ® 7 Clients.
Module 3 Configuring File Access and Printers on Windows 7 Clients.
Module 3: Configuring File Access and Printers on Windows 7 Clients
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 11: Managing Access to File System Resources.
Page 1 NTFS and Share Permissions Lecture 6 Hassan Shuja 10/26/2004.
Lesson 13: Configuring Shared Resources
1 Chapter Overview Managing Object and Container Permissions Locating and Moving Active Directory Objects Delegating Control Troubleshooting Active Directory.
Guide to MCSE , Second Edition, Enhanced 1 Managing NTFS Permissions NTFS Only file system supported by Windows XP that offers file- level security.
11 PLANNING A GROUP POLICY MANAGEMENT AND IMPLEMENTATION STRATEGY Chapter 10.
1 Chapter Overview Creating Web Sites and FTP Sites Creating Virtual Directories Managing Site Security Troubleshooting IIS.
CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
Module 4: Managing Access to Resources. Overview Overview of Managing Access to Resources Managing Access to Shared Folders Managing Access to Files and.
1 Objectives Discuss File Services in Windows Server 2008 Install the Distributed File System in Windows Server 2008 Discuss and create shared file resources.
Module 4: Managing Access to Resources. Overview Overview of Managing Access to Resources Managing Access to Shared Folders Managing Access to Files and.
Configuring and Managing Resource Access Lecture 5.
1 Chapter Overview Understanding Shared Folders Planning, Sharing, and Connecting to Shared Folders Combining Shared Folder Permissions and NTFS Permissions.
Windows Server 2003 檔案分享管理 林寶森
1 Introduction to Shared Folders Shared folders provide network users access to files. Users connect to the shared folder over the network. Users must.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
Unit 8 NT1330 Client-Server Networking II Date: 2?10/2016
11 SUPPORTING WINDOWS XP FILE AND FOLDER ACCESS Chapter 5.
ITMT Windows 7 Configuration Chapter 6 – Sharing Resource ITMT 1371 – Windows 7 Configuration 1.
Lesson 4: Configuring File and Share Access
Module 4: Managing Access to Resources
Managing Data by Using NTFS
Chapter 9: Managing Groups, Folders, Files, and Object Security
Presentation transcript:

11 SHARING FILE SYSTEM RESOURCES Chapter 9

Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW Create and manage file system shares and work with share permissions Use NTFS file system permissions to control access to files Manage file sharing using Internet Information Services (IIS) Create and manage file system shares and work with share permissions Use NTFS file system permissions to control access to files Manage file sharing using Internet Information Services (IIS)

Chapter 9: SHARING FILE SYSTEM RESOURCES3 UNDERSTANDING PERMISSIONS OVERVIEW File system permissions Share permissions Active Directory permissions Registry permissions – ( REGEDIT ) File system permissions Share permissions Active Directory permissions Registry permissions – ( REGEDIT )

Chapter 9: SHARING FILE SYSTEM RESOURCES4 ACCESS CONTROL LISTS (ACL) Lab: Properties for root of a drive Windows Explorer Right-click Properties Lab: Properties for root of a drive Windows Explorer Right-click Properties Access Control Entries ACL has ACEs

Chapter 9: SHARING FILE SYSTEM RESOURCES5 PERMISSIONS Permissions are keys to unlock access to resources. Full Control permission is the master key. Permissions are keys to unlock access to resources. Full Control permission is the master key.

Chapter 9: SHARING FILE SYSTEM RESOURCES6 INHERITANCE Allows permissions assigned at one folder to flow down to subsequent files and folders Can be overridden by explicit permission assignment or inheritance blocking Useful in reducing the number of permission assignments required Allows permissions assigned at one folder to flow down to subsequent files and folders Can be overridden by explicit permission assignment or inheritance blocking Useful in reducing the number of permission assignments required

Chapter 9: SHARING FILE SYSTEM RESOURCES7 INHERITANCE FolderUser Permissions (Grand) Parent Folder Parent Folder 1 Child Folder 1A Child Folder 1B Parent Folder 2 Child Folder 2A Child Folder 2B Parent Folder 3 Child Folder 3A Read Write Delete Folders/Files ???? ????? ?????? Folders/Files

Chapter 9: SHARING FILE SYSTEM RESOURCES8 EFFECTIVE PERMISSIONS Allowed permissions are cumulative. Denied permissions override allowed permissions. Explicit permissions take precedence over inherited permissions. Allowed permissions are cumulative. Denied permissions override allowed permissions. Explicit permissions take precedence over inherited permissions.

Chapter 9: SHARING FILE SYSTEM RESOURCES9 EFFECTIVE PERMISSIONS FolderUser Permissions (Grand) Parent Folder Parent Folder 1 Child Folder 1A (Grand) Child Child Folder 1B Deny All ???? ????? ?????? Folders/Files Read ????? ?????? Folders/Files ???? ????? ?????? Folders/Files

Chapter 9: SHARING FILE SYSTEM RESOURCES10 SHARING FOLDERS Without shares, network clients cannot access folders on a server. Require: Client for Microsoft Networks File and Printer Sharing for Microsoft Networks Without shares, network clients cannot access folders on a server. Require: Client for Microsoft Networks File and Printer Sharing for Microsoft Networks

Chapter 9: SHARING FILE SYSTEM RESOURCES11 ADMINISTRATIVE SHARES Administrative shares are hidden. Appending a share with a $ creates a hidden share.

Chapter 9: SHARING FILE SYSTEM RESOURCES12 RESTRICTIONS ON CREATING FILE SYSTEM SHARES On a domain controller: Administrators, Server Operators, Enterprise Admins, Domain Admins groups On a domain member server or workstation: Administrators, Server Operators, Power Users groups On a workgroup or standalone computer: Administrators or Power Users groups On a domain controller: Administrators, Server Operators, Enterprise Admins, Domain Admins groups On a domain member server or workstation: Administrators, Server Operators, Power Users groups On a workgroup or standalone computer: Administrators or Power Users groups

Chapter 9: SHARING FILE SYSTEM RESOURCES13 CREATING A FILE SYSTEM SHARE USING WINDOWS EXPLORER Lab: Create Share Folder Create “C:\ShareMe” folder Right-click “C:\ShareMe” Select “Share this folder” Lab: Create Share Folder Create “C:\ShareMe” folder Right-click “C:\ShareMe” Select “Share this folder”

Chapter 9: SHARING FILE SYSTEM RESOURCES14 SHARING A VOLUME USING WINDOWS EXPLORER Lab: Create Share for root Start Windows Explorer Select C:\ root Right-click C:\ root Select Sharing tab Click “New Share…” Lab: Create Share for root Start Windows Explorer Select C:\ root Right-click C:\ root Select Sharing tab Click “New Share…”

Chapter 9: SHARING FILE SYSTEM RESOURCES15 CREATING A FILE SYSTEM SHARE USING THE SHARED FOLDERS SNAP-IN Lab: Create Share using MMC Start Computer Management Console Select Shared Folders Select Shares Right-click Click New Shares Lab: Create Share using MMC Start Computer Management Console Select Shared Folders Select Shares Right-click Click New Shares

Chapter 9: SHARING FILE SYSTEM RESOURCES16 CREATING A FILE SYSTEM SHARE USING NET.EXE Allows shares to be created from a command line Lets you configure permissions during creation Lets you configure offline settings for the share Allows shares to be created from a command line Lets you configure permissions during creation Lets you configure offline settings for the share

Chapter 9: SHARING FILE SYSTEM RESOURCES17 MANAGING SHARED FOLDERS Lab: Share properties Select “ShareMe” Right-click Properties Lab: Share properties Select “ShareMe” Right-click Properties

Chapter 9: SHARING FILE SYSTEM RESOURCES18 CONTROLLING OFFLINE STORAGE Lab: Offline Caching Select “ShareMe” Right-Click Caching Lab: Offline Caching Select “ShareMe” Right-Click Caching

Chapter 9: SHARING FILE SYSTEM RESOURCES19 PUBLISHING FILE SYSTEM SHARES IN ACTIVE DIRECTORY

Chapter 9: SHARING FILE SYSTEM RESOURCES20 MANAGING SHARE PERMISSIONS

Chapter 9: SHARING FILE SYSTEM RESOURCES21 USING SHARE PERMISSIONS Limited scope Can be applied only to folders and only when connecting to the share. Lack of flexibility Permissions applied to the share apply to all levels below. No replication Share permissions are not replicated. No resiliency Share permissions cannot be backed up or restored. Limited scope Can be applied only to folders and only when connecting to the share. Lack of flexibility Permissions applied to the share apply to all levels below. No replication Share permissions are not replicated. No resiliency Share permissions cannot be backed up or restored.

Chapter 9: SHARING FILE SYSTEM RESOURCES22 USING SHARE PERMISSIONS (continued) Fragility Shares (and therefore share permissions) are lost when a folder is moved or renamed. No auditing Share permissions do not facilitate auditing. Fragility Shares (and therefore share permissions) are lost when a folder is moved or renamed. No auditing Share permissions do not facilitate auditing.

Chapter 9: SHARING FILE SYSTEM RESOURCES23 SHARE PERMISSION DEFAULTS When a new share is created, the following permissions are granted: Everyone special identity: Read Administrators: Full Control When a new share is created, the following permissions are granted: Everyone special identity: Read Administrators: Full Control

Chapter 9: SHARING FILE SYSTEM RESOURCES24 CREATING A FILE SYSTEM SHARING STRATEGY Create logically named shares. Use nesting where necessary to reduce users’ need to navigate the directory structure. Share removable drives from the root to keep the share available when media are removed and reconnected or changed. Create logically named shares. Use nesting where necessary to reduce users’ need to navigate the directory structure. Share removable drives from the root to keep the share available when media are removed and reconnected or changed.

Chapter 9: SHARING FILE SYSTEM RESOURCES25 NESTING SHARES A share can be created on any folder in the file system. Multiple shares on the same folder can have different permissions. Permissions are applied at the share entry point. A share can be created on any folder in the file system. Multiple shares on the same folder can have different permissions. Permissions are applied at the share entry point.

Chapter 9: SHARING FILE SYSTEM RESOURCES26 USING NTFS PERMISSIONS Scope NTFS permissions apply no matter how the file is accessed. Flexibility Wide range of permissions allows assignments to be tailored. Replication NTFS permissions are included when a file is replicated. Resilience NTFS permissions are retained when objects are backed up. Less fragile NTFS permissions are not lost if a file is moved or renamed. Auditing NTFS permissions support auditing. Scope NTFS permissions apply no matter how the file is accessed. Flexibility Wide range of permissions allows assignments to be tailored. Replication NTFS permissions are included when a file is replicated. Resilience NTFS permissions are retained when objects are backed up. Less fragile NTFS permissions are not lost if a file is moved or renamed. Auditing NTFS permissions support auditing.

Chapter 9: SHARING FILE SYSTEM RESOURCES27 MANAGING STANDARD PERMISSIONS

Chapter 9: SHARING FILE SYSTEM RESOURCES28 USING ADVANCED SECURITY SETTINGS

Chapter 9: SHARING FILE SYSTEM RESOURCES29 MANAGING SPECIAL PERMISSIONS

Chapter 9: SHARING FILE SYSTEM RESOURCES30 VIEWING EFFECTIVE PERMISSIONS

Chapter 9: SHARING FILE SYSTEM RESOURCES31 RESOURCE OWNERSHIP Each file and folder is assigned an owner. Ownership of a file makes the security principle a member of the Creator/Owner special identity. Files that are owned go toward disk quota calculations. Each file and folder is assigned an owner. Ownership of a file makes the security principle a member of the Creator/Owner special identity. Files that are owned go toward disk quota calculations.

Chapter 9: SHARING FILE SYSTEM RESOURCES32 ADMINISTERING IIS Web server platform included with all editions of Windows Server Version 6 has improved security over previous versions. Allows files to be published through a browser interface. Supports HTTP and FTP. Web server platform included with all editions of Windows Server Version 6 has improved security over previous versions. Allows files to be published through a browser interface. Supports HTTP and FTP.

Chapter 9: SHARING FILE SYSTEM RESOURCES33 INSTALLING IIS Not installed during operating system installation Installed through the Windows Components Wizard (select Add Or Remove Programs in Control Panel, and click Add/Remove Windows Components) or through the Manage Your Server wizard Not installed during operating system installation Installed through the Windows Components Wizard (select Add Or Remove Programs in Control Panel, and click Add/Remove Windows Components) or through the Manage Your Server wizard

Chapter 9: SHARING FILE SYSTEM RESOURCES34 MANAGING AN IIS WEB SITE

Chapter 9: SHARING FILE SYSTEM RESOURCES35 USING THE WEB SITE TAB

Chapter 9: SHARING FILE SYSTEM RESOURCES36 USING THE HOME DIRECTORY TAB

Chapter 9: SHARING FILE SYSTEM RESOURCES37 USING THE DOCUMENTS TAB

Chapter 9: SHARING FILE SYSTEM RESOURCES38 USING THE PERFORMANCE TAB

Chapter 9: SHARING FILE SYSTEM RESOURCES39 CREATING VIRTUAL DIRECTORIES Allows you to include a folder from anywhere on the network in your Web site Appears to the Web site user as if it is a sub-directory of the main Web site folder Allows management of Web content to be distributed between departments. Allows you to include a folder from anywhere on the network in your Web site Appears to the Web site user as if it is a sub-directory of the main Web site folder Allows management of Web content to be distributed between departments.

Chapter 9: SHARING FILE SYSTEM RESOURCES40 CONFIGURING IIS SECURITY

Chapter 9: SHARING FILE SYSTEM RESOURCES41 CONFIGURING IIS AUTHENTICATION

Chapter 9: SHARING FILE SYSTEM RESOURCES42 CONFIGURING IP ADDRESS AND DOMAIN NAME RESTRICTIONS

Chapter 9: SHARING FILE SYSTEM RESOURCES43 CONFIGURING SECURE COMMUNICATIONS

Chapter 9: SHARING FILE SYSTEM RESOURCES44 SUMMARY Windows Server 2003 controls access to resources using a number of mechanisms, including share permissions and NTFS permissions. Every object protected by permissions has an ACL, which is a list of ACEs assigned to that object. Each ACE contains a security principal and indicates the level of access they are permitted or denied to the object. File system shares enable network users to access files and folders on other computers. Windows Server 2003 controls access to resources using a number of mechanisms, including share permissions and NTFS permissions. Every object protected by permissions has an ACL, which is a list of ACEs assigned to that object. Each ACE contains a security principal and indicates the level of access they are permitted or denied to the object. File system shares enable network users to access files and folders on other computers.

Chapter 9: SHARING FILE SYSTEM RESOURCES45 SUMMARY (continued) Share permissions provide basic protection for file system shares, but they lack the granularity and flexibility of NTFS permissions. NTFS permissions can be allowed or denied, and explicit or inherited. A Deny permission takes precedence over an Allow permission, and an explicit permission takes precedence over an inherited permission. Share permissions provide basic protection for file system shares, but they lack the granularity and flexibility of NTFS permissions. NTFS permissions can be allowed or denied, and explicit or inherited. A Deny permission takes precedence over an Allow permission, and an explicit permission takes precedence over an inherited permission.

Chapter 9: SHARING FILE SYSTEM RESOURCES46 SUMMARY (continued) Access granted by NTFS permissions can be restricted by share permissions and other factors, such as IIS permissions on Web sites. Whenever two permission types are assigned to a resource, you must evaluate each set of permissions and then determine which of the two is more restrictive. Every NTFS file and folder has an owner. The owner of a file or folder is always permitted to modify the file or folder’s ACL. Access granted by NTFS permissions can be restricted by share permissions and other factors, such as IIS permissions on Web sites. Whenever two permission types are assigned to a resource, you must evaluate each set of permissions and then determine which of the two is more restrictive. Every NTFS file and folder has an owner. The owner of a file or folder is always permitted to modify the file or folder’s ACL.

Chapter 9: SHARING FILE SYSTEM RESOURCES47 SUMMARY (continued) Any user with the Allow Take Ownership permission or the Take Ownership Of Files Or Other Objects user right can take ownership of an object. IIS is a Windows Server 2003 application that allows you to share files and folders using Web and FTP server services. Any user with the Allow Take Ownership permission or the Take Ownership Of Files Or Other Objects user right can take ownership of an object. IIS is a Windows Server 2003 application that allows you to share files and folders using Web and FTP server services.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.