Presentation is loading. Please wait.

Presentation is loading. Please wait.

CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+

Published byOscar Hart Modified over 9 years ago

Similar presentations

Presentation on theme: "CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+"— Presentation transcript:

1 CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+

2 Agenda Chapter 7: Understanding and Troubleshooting File Access Quiz Exercise

3 NTFS File System Offers better security through permissions and encryption ▫A permission is a type of access granted to an object such as NTFS files and folders ▫Access Control List (ACL) ▫Each assignment of permissions to a user or group is represented as an access control entry (ACE)

4 NTFS Permissions Full Control ▫Can do everything Modify Read & Execute ▫Can see and run all contents inside the folder List Folder Contents Read Write See Figure 7-1 on Page 135

5 Special Permissions Each of the standard permissions consists of a logical group of special permissions ▫To assign special permission, you have use advanced security settings ▫See Table 7-1 on Page 136 for a full list of permissions ▫See Figure 7-2 on Page 137

6 NTFS Permissions (Cont.) There are two types of permissions used in NTFS: ▫Explicit permission  Permissions granted directly to the file or folder. ▫Inherited permission  Permissions that are granted to a folder (parent object or container) that flow into child objects (sub- folders or files inside the parent folder) By default, objects within a folder inherit the permissions from parent

7 NTFS Permissions (Cont.) Deny permissions override allow; however explicit override inherit 1.Explicit Deny 2.Explicit Allow 3.Inherited Deny 4.Inherited Allow

8 Effective Permissions The actual permissions you have when logging in and accessing a file or folder ▫They consist of explicit permissions plus any inherited permissions ▫See Figure 7-3 on Page 140 Calculate the effective permissions ▫Calculate the explicit and inherited permissions for an individual group and then combine them. ▫The only exception is that Deny permissions always apply

9 Copying and Moving Files Copy a folder or file ▫New location permissioned will be applied Move a folder or file from one volume to another volume ▫New location permissioned will be applied Move a folder or file within the SAME volume ▫Old permissions will be applied

10 Sharing Drives and Folders To help protect against unauthorized access, you will use share permissions along with NTFS permissions (assuming the shared folder is on an NTFS volume) When users need to access a network share, they would use the UNC, which is \\servername\sharename

11 Sharing Drives and Folders (Cont.) In Windows 7, there are four types of file sharing: ▫Public sharing (Public folder)  Either use the same computer, or connect to it over a network  Located in the Users folder of your root directory  It can be accessed through a person’s libraries ▫Standard sharing  Can be enabled or disabled on a per computer basis ▫Homegroups ▫Advanced sharing

12 Homegroups Only available with Windows 7 You can join a HomeGroup in any edition of Windows 7 Only Home Premium, Professional, or Ultimate editions can create homegroups

13 Advanced Sharing Right-clicking a folder, selecting Properties and clicking Advanced Sharing Shared folders can be shared several times with different names and permissions See Figure 7-4 on Page 145

14 Share Permissions Full Control ▫Users can do everything as well as change file and folder permissions and take ownership of files and folders Change ▫Users can do everything except change the permission and cannot take ownership Read

15 Share Permissions (Cont.) You can allow or deny each share permission To simplify managing share and NTFS permissions, Microsoft recommends ▫Giving Everyone Full Control ▫Controlling access using NTFS permissions The effective share permissions are the combination of the user and all group permissions that the user is a member of

16 Combining NTFS and Share Permissions Only the NTFS permissions apply ▫When user logs on to the server (Physically or remotely) Both NTFS and share permissions apply ▫When access through UNC To determine the overall access ▫Calculate the effective NTFS permissions ▫Then determine the effective shared permissions ▫Last, apply the more restrictive permissions between the NTFS and shared permissions

17 Administrative Share A shared folder typically used for administrative purposes To make a shared folder or drive into an administrative share, the share name must have a $ at the end of it ▫Shared folder or drive cannot be seen during browsing, UNC with $ is needed By default, all volumes with drive letters automatically have administrative shares (C$, D$, E$, and so on) ▫Other administrative shares can be created as needed for individual folders

18 Troubleshooting File Access Problems Make sure that the computer is available (including proper name resolution) The shared folder is available There are no firewall issues (SMB file sharing uses port 139 and 445) on the client and remote computer If the user gets an access denied or similar message ▫Verify the NTFS and share permissions.

19 Backups When planning backups ▫You should isolate program files and data files Program files usually do not change and so they do not have to be backed up often Data files change often, so they should be backed up more often If you isolate them in different areas, you can create different backup policies for each area

20 Windows System State The Windows system state is a collection of system components that are not contained in a simple file that can be backed up easily. It includes: ▫Boot files ▫Registry (including COM settings) ▫SYSVOL ▫User profiles ▫COM+ and WMI information ▫IIS metabase

21 Windows Backup Allows you to make copies of data files for everyone who uses the computer You can ▫Let Windows choose what to back up ▫Select the individual folders, libraries, and drives By default, your backups are created on a regular schedule ▫You can change the schedule and manually create a backup at any time ▫See Figure 7-5 on Page 148

22 System Protection A feature that regularly creates and saves information about your computer’s system files and settings System Protection uses restore points Also created automatically once every seven days if no other restore points were created in the previous seven days You can create restore points manually at any time

23 System Restore Helps you restore your computer’s system files to an earlier point in time by regularly creating and saving restore points It’s a way to undo system changes to your computer without affecting your personal files, such as email, documents, or photos See Figure 7-6 on Page 150

24 Previous Versions If you have system protection enable, you also can revert any change made to files or folders individually See Figure 7-7 on Page 152

25 File Auditing To enable auditing ▫Specify what types of system events to audit using group policies or the local security policy ▫Security Settings\Local Policies\Audit Policy To audit NTFS files, NTFS folders, and printers is a two-step process ▫First enable Object Access using group policies ▫Specify which files or folders you want to audit After you enable logging, you then open the Event Viewer security logs to view the security events

26 Assignment Submit these before class over on Thursday ▫Fill in the blank ▫Multiple Choice ▫True / False Submit these before class start on Monday ▫Lab 7 ▫Case Scenario 7-2

Download ppt "CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+"

Similar presentations

CN2140 Server II (V2) Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+

CN2140 Server II (V2) Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
When you combine NTFS permissions and share permissions the most restrictive effective permission applies. For example, if you share a folder and assign.

When you combine NTFS permissions and share permissions the most restrictive effective permission applies. For example, if you share a folder and assign.
1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.

1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.
1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.

1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
MIS 431 - Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.

MIS Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.
CN2140 Server II Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+

CN2140 Server II Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
70-270, 70-290 MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.

70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.

11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.
Lesson 4: Configuring File and Share Access

Lesson 4: Configuring File and Share Access
By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.

By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.
5.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.
1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.

1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.
Group Accounts; Securing Resources with Permissions

Group Accounts; Securing Resources with Permissions
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.
Microsoft ® Official Course Module 7 Configuring File Access and Printers on Windows ® 8 Clients.

Microsoft ® Official Course Module 7 Configuring File Access and Printers on Windows ® 8 Clients.

Similar presentations

Ads by Google