Flux rss
Reviews
They need your help

Sharing and permissions in Windows NT

 

Introduction to folder sharing

Sharing allows resources to be designated as being available to all users over a network. When a folder is shared, users can log into the folder from across the network and access the files within, as though the folder were located on the hard drive of the computer they are currently using.

In order to increase network security, permissions can be applied to these resources to limit the actions that users can perform on them.
Once a folder is shared, users who have permission to it can access all the files and folders contained within.

Why share folders?

Folders are shared so that users can access applications, data, and user home folders over the network.

  • Keeping information together: Network application folders centralise system administration by specifying a single place for configuring and updating software.
  • Saving disk space: Data folders give users a central location to store and access files that they all use.
  • Data security: User home folders give users a central location for backing up their data.
Using shared folders is the only way to ensure the security of network resources in a FAT volume.

Shared folder permissions

Permissions may be applied to folders, and control the use of resource by a given user. In FAT, there are four different permissions:

  • Full Control (default permission) lets users change file permissions. On NTFS volumes, the users can also own files and carry out any tasks that the permission allows.
  • Change lets users create folders and add files, as well as modify and add file data. They can also change file attributes, delete folders and files, and perform any tasks authorised by the Read permission.
  • Read lets a user see the names of folders and files, see file data and attributes, run program files, and browse within folders.
  • No Access only allows a user to connect to the shared folder. Access to the folder is forbidden and its contents are not shown.
Permissions granted to the user will not take effect until the next time he or she logs in (meaning that this system is non-dynamic). Note that by default, "Full Control" permission is granted to the user group "Everyone." Therefore, before doing anything else, this group and its associated permissions must be deleted. Likewise, NEVER give "No Access" permission to the "Everyone" group, since the Administrator is part of this group. Your computer will be completely inaccessible and the only solution will be to reinstall Windows NT.

These two examples are a perfect illustration of security holes in Windows NT 4.0.

Granting permissions to users and groups

A user can have permissions attributed to him or her directly, or as a member of a group. Sometimes, a user may even be part of several groups that have different permissions on the same shared folder. Here is how these permissions are handled:

  • The user's permissions combine the differing permissions given to the different groups. Thus, a user in a group with "Read" permission on a folder who is also part of a group with "Full Control" permission on that same folder will have "Full Control" permission.
  • The only exception is the "No Access" permission, which is fully restrictive. If a user is part of both a group with "Full Control" permission on a folder and a group with "No Access" permission, the user will not be able to access that folder.


Last update on Thursday October 16, 2008 02:43:16 PM.
This document entitled « Sharing and permissions in Windows NT » from Kioskea (en.kioskea.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the licence, as this note appears clearly.

Results for Sharing and permissions in Windows NT

Windows NT - User management Windows NT is an operating system which manages sessions, meaning that when the system is started, it is necessary to log in with a user name and password. When Windows NT is installed, the administrator account is created by default, as is an... en.kioskea.net/winnt/ntusers.php3
Windows NT - Introduction Windows NT (for "New Technology") is a 32-bit operating system developed by Microsoft. Windows NT's outward appearance makes it look a lot like Windows 95/98/Millennium, but Windows NT has a separately developed kernel. Because of this, Windows NT... en.kioskea.net/winnt/ntintro.php3
Problem with include on windows NT server Hello, im on a windows NT server, and somehow, when i use the include methode include('../functions.php'); it doesn't find the functions.php page!! i have a file name post.php, it's in a folder, and i need to include the functions... en.kioskea.net/forum/affich-487-problem-with-include-on-windows-nt-server

Results for Sharing and permissions in Windows NT

[Windows NT]NT 4.0 SP2+:Enabling the DMA[Windows NT]NT 4.0 SP2+:Enabling the DMA Intro Enabling DMA on Windows NT 4.0 SP2 +: Check NT service pack Installation Intro Handling the DMA, for IDE drives is much more difficult under NT4 than under Windows 9x series. Unlike the... en.kioskea.net/faq/sujet-855-windows-nt-nt-4-0-sp2-enabling-the-dma
Disabling sharing of administrative taskDisabling sharing of administrative task By default all Microsoft Windows NT based operating system possess hidden administrative shares options, allowing the administrator of a machine to access the machine via the network. Here is... en.kioskea.net/faq/sujet-815-disabling-sharing-of-administrative-task
NTFS uses more disk space than FATNTFS uses more disk space than FAT Myth: Reality: Explanation: Microsoft invented both NTFS and FAT file system FAT is inherited from MS-DOS and Windows 95/98, while NTFS is inherited from Windows NT4. NTFS is the file system default... en.kioskea.net/faq/sujet-761-ntfs-uses-more-disk-space-than-fat
More answers

Results for Sharing and permissions in Windows NT

How disable or enable Simple File Sharing XP? (Solved)Hello, How can one disable or enable Simple File Sharing in Windows XP? en.kioskea.net/forum/affich-1699-how-disable-or-enable-simple-file-sharing-xp
NTOSKRNL.EXE is missing or corruptHello, i get a problem with my windows The message is always the same. When starting up, this appears: Windows NT could not start because the below file is missing or corrupt: C:\Winnt\System32\Ntoskrnl.exe can anybody help me en.kioskea.net/forum/affich-531-ntoskrnl-exe-is-missing-or-corrupt
XPHello, How can one disable or enable Simple File Sharing in Windows XP Service pack 3? I have been advised I need to do this to correct an "Access Denied" message I receive when trying to open a folder. Thanks! Malc en.kioskea.net/forum/affich-8888-xp
More answers

Results for Sharing and permissions in Windows NT

Download NTFS for Mac OS XTotal read and write access to NTFS volumes. NTFS for Mac ® BONE X supplies a total access (reading or writing, formatting) towards NTFS partitions. Compatible with all NTFS versions. All the NTFS versions supported - from Windows NT 3.1 to... en.kioskea.net/telecharger/telecharger-1600-ntfs-for-mac-os-x
Download Windows Mobile Device CenterWith the arriving of Windows Vista, it is consequently necessary to use Windows Mobile Device Center.It works on the same foundation as ActiveSync but on top of that aesthetics more complete and with a catch in hand more intuitive.The Windows Mobile... en.kioskea.net/telecharger/telecharger-409-windows-mobile-device-center
More answers

Results for Sharing and permissions in Windows NT

Processes - winlogon - winlogon.exe winlogon.exe (winlogon stands for Windows LogOn Process) is a Windows NT/2000/XP generic process which manages log-on and log-off processes. The process winlogon is also active when the Windows Security window is open (shown when CTRL+ALT+DEL are... en.kioskea.net/processus/winlogon-exe.php3
Processes - mnmsrvc - mnmsrvc.exe mnmsrvc.exe (mnmsrvc stands for Microsoft NetMeeting Service) is a Windows NT/2000/XP generic process used for sharing Windows desktop displays with NetMeeting. The process mnmsrvc is not in any way a virus, a worm, a Trojan horse, spyware, or... en.kioskea.net/processus/mnmsrvc-exe.php3
Processes - alg - alg.exe The process alg.exe (alg stands for Application Layer Gateway) is a generic Windows NT/2000/XP process which manages the third-party Internet Connection Sharing protocol, and, if need be, your firewall. The process alg is not in any way a virus, a... en.kioskea.net/processus/alg-exe.php3
More answers