Thursday, July 18, 2013

Understanding NTFS Permission



FILE SYSTEMS USED IN WINDOWS
File system refers to the way in which the files are arranged and saved on a media (floppy, hard disk, cd) so that they can be accessed easily and stored efficiently on the media. Basic types of file systems

    FAT16
    FAT32
    NTFS

Features of NTFS
:

NTFS is an advanced file system and support partitions of size up to 16 EB. Files are well-stored in NTFS. It supports following advanced features:

    Security of Files and folders.
    Compression and Encryption of files /folders
    Disk Quotas

Command to convert FAT to NTFS:
Convert x: /fs:ntfs
Where x is any drive
for example
Convert d: /fs:ntfs

SECURING FILES/FOLDERS

1. Go to the computer management, create a user kamal.
2. Now go to any drive, which must be in NTFS, and create a folder named as accounts.
3. Right-click on the folder accounts and select properties>security.
4. Click on Advanced and uncheck the option "allow inheritable permissions to......"

5. Click o.k.
6. Click on Add to add the user kamal.7. Click on Full Control Allow permission.
8. Click apply and o.k.
9. Logon as kamal and click on accounts folder and it will open.
10. Create another user ajay.
11. Logon as a ajay and click accounts Folder. It will not open.
12. Now logon as administrator and right-click on accounts folder and select properties>security.
13. Add the user ajay.
14. Highlight the user ajay to give permissions different from that of user kamal.

SPECIAL PERMISSIONS.

 Right-click on folder accounts and open security and click on advanced.
2.Highlight an user, say, kamal and click on Edit and select special permissions for kamal and click o.k.

AUDITING
 

Auditing help in tracking which users are trying to access a particular folder.

1. Right-click on folder accounts and select properties>security.
2. Click on Advanced and select Auditing and click on add to add a user for whom you want to do the auditing to know what he trying to do with the accounts folder.
3. Click o.k. and click on FULL CONTROL under both successful and failed columns.
4. Now go to the Programs>administrative tools>Local Security Policy>local policies>Audit policy.
5. Click on 'Audit Object Access' and select success and failure.
6. Login as with the user you selected for the auditing and click on accounts folder.
7. Now login as administrator and go to Programs>administrative tools>Event Viewer>Security and see the entries for the user to study the auditing results.

OWNERSHIP.

 Right-click on accounts and go to security and click on advanced and select ownership.
2. Click on other users or groups to add a user to make him/her the owner of the folder.
3. An owner can give permissions to other users.

EFFECTIVE PERMISSIONS
.

 Right-click on folder accounts and go to security.
2. Click on Advanced and select 'effective permissions'.
3. Click on select to add a user for whom you want to know which permissions he is getting on the accounts folder.

No comments:

Post a Comment