Module 4: Managing Access to Resources
Overview
- Overview of Managing Access to Resources
- Managing Access to Shared Folders
- Managing Access to Files and Folders Using NTFS Permissions
- Determining Effective Permissions
- Managing Access to Shared Files Using Offline Caching
Lesson: Overview of Managing Access to Resources
- Multimedia: Access Control in Microsoft Windows Server 2003
- What Are Permissions?
- What Are Standard and Special Permissions?
- Practice: Examining NTFS Permissions
- Multimedia: Permission States
Multimedia: Access Control in Microsoft Windows Server 2003
- This presentation explains how Active Directory uses security principals and identifiers to provide access to objects
- Important point to watch for: If you delete a security principal and then create it again with the same name, what is the effect on the permissions?
What Are Permissions?
- Permissions define the type of access granted to a user, group, or computer for an object
- You apply permissions to objects such as files, folders, and printers
- You assign permissions to users and groups in Active Directory or on a local computer
What Are Standard and Special Permissions?
Standard Permissions
Special Permissions
Practice: Examining NTFS Permissions
In this practice, you will:
- Examine the NTFS default permissions on system folders
- Examine the NTFS default permissions on a newly created folder
Multimedia: Permission States
- In this activity, you will learn the differences between the permission states and then test your knowledge
Lesson: Managing Access to Shared Folders
- What Are Shared Folders?
- What Are Administrative Shared Folders?
- Tools to Create and Manage Shared Folders
- Shared Folder Permissions
- Methods to Connect to Shared Folders
- What Are Published Shared Folders?
- How Published Shared Folders Are Used
- Best Practices For Using Shared Folders
What Are Shared Folders?
- Shared folders show an icon of a hand holding the folder
- You can share only folders, not files
- Default permission on shared folders is Everyone, Read
- When you copy or move a shared folder, the folder is no longer shared
- To hide a shared folder, include a $ after the name of the shared folder
- Users access hidden shares by typing the UNC path
What Are Administrative Shared Folders?
Tools to Create and Manage Shared Folders
Who can create shared folders?
- On Windows Server 2003 domain controllers: Administrators group, Server Operators group
- On Windows Server 2003 member or stand-alone servers: Administrators group, Power Users group
Tools used to create and manage shared folders:
- Computer Management
- Windows Explorer or My Computer
- The Net Share command
Shared Folder Permissions
Permission: Read (Default, applied to the Everyone group)
  - Allows you to view data in files and attributes
  - Allows you to view file names and subfolder names
  - Allows you to run program files
Permission: Change (Includes all Read permissions)
  - Allows you to add files and subfolders
  - Allows you to change data in files
  - Allows you to delete subfolders and files
Permission: Full Control (Includes all Read and Change permissions)
  - Allows you to change NTFS file and folder permissions
Methods to Connect to Shared Folders
What Are Published Shared Folders?
A published shared folder:
- Is a shared folder object in Active Directory
- Can maintain static friendly names
Clients:
- Can search Active Directory for published shared folders
- Do not need to know the name of the server to connect to a shared folder
- Can search by using keywords if they do not know the exact name of the share
How Published Shared Folders Are Used
- Administrators can use Active Directory Users and Computers to find shared folders
- Windows XP Professional clients can search Active Directory from My Network Places
Best Practices for Using Shared Folders
- Use the Authenticated Users group instead of Everyone
- Share folders with the appropriate level of permission
- Use groups to grant access rather than individual users
- Publish shared folders in larger environments
Practice: Managing Access to Shared Folders
In this practice, you will:
- Connect to an administrative share
- Create a shared folder and grant permissions
- Publish a shared folder and create keywords
- Map a drive letter to the shared folder and test permissions
Lesson: Managing Access to Files and Folders Using NTFS Permissions
- What Is NTFS?
- NTFS File and Folder Permissions
- What Is NTFS Permissions Inheritance?
- Effects on NTFS Permissions When Copying and Moving Files and Folders
- Best Practices for Managing Access to Files and Folders Using NTFS Permissions
- Practice: Managing Access to Files and Folders Using NTFS Permissions
What Is NTFS?
NTFS is a file system that provides:
- Reliability
- Security at the file level and folder level
- Improved management of storage growth
- Multiple user permissions
NTFS File and Folder Permissions
- File permissions: Full Control, Modify, Read & Execute, Write, Read
- Folder permissions: Full Control, Modify, Read & Execute, Write, Read, List Folder Contents
What Is NTFS Permissions Inheritance?
- Inherit permissions: FolderA (Read / Write), FolderB: access to FolderB
- Prevent inheritance: FolderA (Read / Write), FolderB, FolderC: no access to FolderB
Effects on NTFS Permissions When Copying and Moving Files and Folders
[Diagram: Copy and Move operations between NTFS Partition C:\, NTFS Partition D:\ and NTFS Partition E:\]
- When you copy files and folders, they inherit the permissions of the destination folder
- When you move files and folders within the same partition, they retain their permissions
- When you move files and folders to a different partition, they inherit the
Best Practices for Managing Access to Files and Folders Using NTFS Permissions
- Grant permissions to domain local groups instead of to users
- Group resources to simplify administration
- Allow users only the level of access that they require
- Grant Read & Execute permission for application folders
Practice: Managing Access to Files and Folders Using NTFS Permissions
In this practice, you will:
- Examine and configure NTFS permissions
- Block NTFS permission inheritance and set permissions
- Test NTFS permissions
- Test the effects of copying and moving files or folders
Lesson: Determining Effective Permissions
- What Are Effective Permissions on NTFS Files and Folders?
- Class Discussion: Applying NTFS Permissions
- Effects of Combined Shared Folder and NTFS Permissions
- Class Discussion: Determining Effective NTFS and Shared Folder Permissions
- Practice: Determining Effective NTFS and Shared Folder Permissions
What Are Effective Permissions on NTFS Files and Folders?
- NTFS permissions are cumulative
- File permissions override folder permissions
- Deny overrides all permissions
- Creators of files and folders are their owners
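The three evaluation rules above can be traced with a small model. This is an added example, not part of the course material and not Windows code: the rights sets are a simplified expansion of the standard permissions, and the principals (Users, Sales, Contractors, User1 to User3) and the ACL are constructed. It also shows the practical limit of "Deny overrides all": an explicit allow on the file is evaluated before a deny inherited from the folder.

```python
from dataclasses import dataclass

# Simplified expansion of standard permissions into basic rights (assumption).
STANDARD = {
    "Read": {"read"},
    "Write": {"write"},
    "Read & Execute": {"read", "execute"},
    "Modify": {"read", "write", "execute", "delete"},
    "Full Control": {"read", "write", "execute", "delete",
                     "change_permissions", "take_ownership"},
}

@dataclass(frozen=True)
class Ace:
    principal: str    # user or group name
    kind: str         # "allow" or "deny"
    permission: str   # key of STANDARD
    inherited: bool   # True if the entry comes from the parent folder

def canonical_order(acl):
    """Explicit deny, explicit allow, inherited deny, inherited allow."""
    return sorted(acl, key=lambda a: (a.inherited, a.kind != "deny"))

def effective_rights(acl, user, groups):
    """Walk the ACL in order; the first entry to mention a right decides it."""
    token = {user, *groups}           # the user plus every group membership
    granted, denied = set(), set()
    for ace in canonical_order(acl):
        if ace.principal not in token:
            continue
        rights = STANDARD[ace.permission]
        if ace.kind == "allow":
            granted |= rights - denied    # cumulative across groups
        else:
            denied |= rights - granted    # deny blocks later allows
    return granted

# Constructed ACL for one file: three entries inherited from its folder,
# one set explicitly on the file itself.
FILE_ACL = [
    Ace("Users", "allow", "Read", inherited=True),
    Ace("Sales", "allow", "Write", inherited=True),
    Ace("Contractors", "deny", "Write", inherited=True),
    Ace("User3", "allow", "Modify", inherited=False),
]

if __name__ == "__main__":
    for user, groups in [("User1", ["Users", "Sales"]),
                         ("User2", ["Users", "Sales", "Contractors"]),
                         ("User3", ["Users", "Contractors"])]:
        print(user, sorted(effective_rights(FILE_ACL, user, groups)))
```

User1 gets Read plus Write (cumulative), User2 loses Write to the inherited deny, and User3 keeps Modify because the file-level entry is evaluated first.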
Class Discussion: Applying NTFS Permissions
[Diagram: Users Group, User1 and Sales Group; NTFS Partition with Folder1 containing File1 and Folder2 containing File2; callouts 1, 2 and 3]
- Users group Write for Folder1
- Sales group Read for Folder1
- Users group Read for Folder1
- Sales group Write for Folder2
- Users group Modify for Folder1
- File2 should only be accessible to Sales group with Read permission
Effects of Combined Shared Folder and NTFS Permissions
[Diagram: shared folder Public on an NTFS Volume containing File1 and File2; labels shown: Users, Full Control, Read, Change]
Class Discussion: Determining Effective NTFS and Shared Folder Permissions
Class discussion:
- Determine effective NTFS permissions
- Determine shared folder permissions
[Diagram: two NTFS Volumes, numbered 1 and 2; labels shown: Users Group, Sales Group, Users, Data, HR, Pubs, Sales, User1, User2, User3, FC, R]
Practice: Determining Effective NTFS and Shared Folder Permissions
In this practice, you will:
- Share the Legal folder
- Determine the effective NTFS permissions
- Determine the effective combined permissions
Lesson: Managing Access to Shared Files Using Offline Caching
- What Is Offline Files?
- How Offline Files Are Synchronized
- Offline File Caching Options
- Practice: Using Offline Caching
What Is Offline Files?
Offline Files is a document-management feature that provides the user with consistent online and offline access to files
Advantages of using Offline Files:
- Support for mobile users
- Automatic synchronization
- Performance advantages
- Backup advantages
How Offline Files Are Synchronized
- Disconnected from the network: Files are synchronized at logoff. The user works with the locally cached copy
- Logged on to the network: Files are synchronized at logon. The user works with the network version of the files
- If a file has been modified in both locations: The user must choose which version of the file to keep or to rename one file and keep both versions
Offline File Caching Options
Practice: Using Offline Caching
In this practice, you will:
- Manually cache a document in the Legal shared folder
- Set synchronization options
Lab: Managing Access to Resources
In this lab, you will:
- Create and share folders
- Configure NTFS security
- Publish shared folders
- Test permissions
- Configure automatic caching