IT tutorials
 
Windows
 

Windows 8 : Sharing files and folders (part 5) - Understanding NTFS permissions - Creating advanced security settings

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
10/10/2014 4:04:57 AM

Creating advanced security settings

NTFS permissions can get confusing because of the way they work. What you just saw was straightforward information—apply a permission, and it takes effect. However, as you investigate further, additional complexity becomes apparent.

This complexity is simplified through the use of advanced security settings. By viewing these settings, you gain insight into the real state of permissions for the selected file or folder. In the main section of the window, you see that each permission entry is individually delineated, showing you exactly which permissions are assigned to specific users and groups (called principals).

To view or change the advanced security settings for a file or folder, complete the following steps:

  1. On the Properties page shown in Figure 14, tap or click the Advanced button to open the Advanced Security Settings window shown in Figure 16.

    The current security settings for the selected folder

    Figure 16. The current security settings for the selected folder

    Each permission entry is individually listed, showing you exactly which permissions have been assigned to which users and groups, called principals. To the right, you can see the reason the principals are granted the permissions they carry. These permissions have been inherited from C:\. The folder you’re working with in Figure 16 is C:\Shared-files. By default, folders in Windows 8 inherit the permissions of their parent folder. This avoids the need for an administrator to specify permissions for each folder in the system manually.

    However, you might want to have permissions change on folders deeper in the hierarchy. Fortunately, that’s not difficult, and the result is that the selected folder will have permissions that are both inherited from the parent folder and set directly. In Figure 17, you can see that the folder now has additional permissions, but these permissions were not inherited.

    Advanced Security Settings window showing a directly granted level of permissions

    Figure 17. Advanced Security Settings window showing a directly granted level of permissions

    To add a permission directly to the selected folder from the Advanced Security Settings, tap or click the Add button. This opens the Permission Entry window shown in Figure 18.

    Permission Entry window showing the Applies To drop-down list

    Figure 18. Permission Entry window showing the Applies To drop-down list

  2. In the Permissions Entry dialog box, provide the Principal name.

    This is the name of the user or group to which you want to apply new or additional permissions. In Figure 18, the administrator has already selected the group named Authenticated Users. To specify a different user or group, tap or click Select A Principal and make a selection.

  3. In the Type drop-down list, select either Allow or Deny as the permission type.

  4. Make a selection from the Applies To drop-down list.

    By default, Windows applies your new permissions settings to the current folder and to all subfolders and files according to the default inheritance rules in Windows 8. You can override this behavior by choosing a different entry from the Applies To drop-down list. Table 2 lists the available options and the impact of your selection.

    Table 2. Default permissions impact

    Apply permissions to

    Apply to current folder ONLY

    Apply to subfolders in current folder

    Apply to files in current folder

    Apply to all subfolders

    Apply to files in all subfolders

    This folder only

    x

        

    The folder, subfolders, and files

    x

    x

    x

    x

    x

    This folder and subfolders

    x

    x

     

    x

     

    This folder and files

    x

     

    x

     

    x

    Subfolders and files only

     

    x

    x

    x

    x

    Subfolders only

     

    x

     

    x

     

    Files only

      

    x

     

    x

    Under Basic Permissions, you can choose different basic permissions for the selected principal.

  5. If you’d like to see additional available permissions, tap or click Show Advanced Permissions.

    Table 3 describes the available advanced permissions.

    Table 3. Advanced NTFS permissions

    Folder permission name

    Description (folder)

    File permission name

    Description (file)

    Traverse Folder

    Allows the user to browse to folders beneath the current one

    Execute File

    Allows the user to execute the file

    List Folder

    Allows the user to view file names and subfolder names

    Read Data

    Allows the user to read data from a file

    Read Attributes

    Allows the user to view the attributes of a file or folder (such as Read-Only, Hidden)

    Read Extended Attributes

    Allows the user to view the extended attributes of a file or folder; extended attributes may be assigned by an application

    Create Files

    Allows the user to create files inside the folder

    Write Data

    Allows the user to write data to a file

    Create Folders

    Allows the user to create new folders within a folder

    Append Data

    Allows the user to add data to the end of a file but not to change the existing content

    Write Attributes

    Allows the user to change the attributes of a file or folder (such as Read-Only, Hidden)

    Write Extended Attributes

    Allows the user to change the extended attributes of a file or folder; extended attributes may be assigned by an application

    Delete Subfolders and Files

    Allows the user to delete subfolders and files; works even if the user has not been assigned the Delete permission

    Delete

    Allows the user to delete a file or a folder

    Read Permissions

    Allows the user to read the permissions for a file or folder

    Change Permissions

    Allows the user to change the permissions on a file or folder

    Take Ownership

    Allows the user to take ownership of a file or folder without regard to other permissions that might already be assigned
  6. Select the Only Apply These Permissions To Objects And/Or Containers Within This Container check box to limit the containers to which new permissions apply.

    Table 4 lists the permissions impact when this check box is selected.

    Table 4. Permissions impact when Only Apply These Permissions To Objects And/Or Containers Within This Container is selected

    Apply permissions to

    Apply to current folder ONLY

    Apply to subfolders in current folder

    Apply to files in current folder

    Apply to all subfolders

    Apply to files in all subfolders

    This folder only

    x

        

    The folder, subfolders, and files

    x

    x

    x

      

    This folder and subfolders

    x

    x

       

    This folder and files

    x

     

    x

      

    Subfolders and files only

     

    x

    x

      

    Subfolders only

     

    x

       

    Files only

      

    x

     

Note

FILE AND FOLDER PERMISSIONS CLARIFIED

There are different permission sets for folders and files, although they also share many advanced permissions. Table 3, in which there are different entries in the Folder and File columns, explains the different kinds of permissions. When a permission is shared between files and folders, there is just a single description for the permission entry. Further, although each description uses the word “Allow” to indicate that a user is allowed to perform a certain function, bear in mind that the permission can also be denied.

 
Others
 
- Windows 8 : Sharing files and folders (part 4) - Understanding NTFS permissions - Modifying file or folder permissions
- Windows 8 : Sharing files and folders (part 3) - Sharing a folder
- Windows 8 : Sharing files and folders (part 2) - Enabling folder sharing using the Windows 8 interface, Enabling folder sharing using the traditional interface
- Windows 8 : Sharing files and folders (part 1) - Configuring the Network and Sharing Center
- Windows 8 : Configuring virtual machine networking and storage (part 3) - Assigning a virtual switch to a virtual machine , Assigning storage to a virtual machine
- Windows 8 : Configuring virtual machine networking and storage (part 2) - Hyper-V virtual switch
- Windows 8 : Configuring virtual machine networking and storage (part 1) - Introducing storage and networking for Hyper-V
- Windows 8 : Customizing the Lock Screen - Customizing the Lock Screen Background,Controlling the Apps Displayed on the Lock Screen, Disabling the Lock Screen
- Windows 8 for Business : Features Exclusive to Windows 8 Enterprise,Windows RT and Business
- Windows 8 for Business : Virtualization (part 4) - VHD Shell Integration,Remote Desktop and Remote Desktop Host
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
Technology FAQ
- How do I change the letter of a mapped drive?
- bulk collect - amount of return
- Need a driver for sm bus controller on Dell d620
- Where can I find a service manual for a Gateway MD2414u Laptop?
- How to stablish a proper setup in MS Outlook 2003 encrypting mails
- Initialization failed for opening on premisis exchange server
- Firebird AutoID VB.net code
- HOW TO: remove the Anonymous User from the Everyone Group....
- Multi Homed Windows 2008 Server
- OCS 2007 R2 and Cisco call manager
programming4us programming4us