Configuring File and Share Access

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which of the following protocols is NOT used for folder sharing in Windows?

Network File System (NFS)

Server Message Block (SMB)

File Transfer Protocol (FTP) (correct)

Common Internet File System (CIFS)

What must be determined before creating a folder share?

The type of server hardware being used

The folders to share and their permissions (correct)

The maximum file size allowed in the share

The specific user accounts that can access the share

Which interface provides greater control when sharing folders?

Advanced Sharing dialog box

File Sharing dialog box

Properties sheet Sharing tab (correct)

New Share Wizard

Which service is required on a server to use the Server Message Block (SMB) protocol?

File Server role service Signup and view all the answers

What is an adjustable setting when creating a folder share for offline files?

The type of offline caching Signup and view all the answers

What does the Full Control share permission allow a user to do?

Change file permissions and delete folders and files Signup and view all the answers

During NTFS authorization, what does the system compare when a user attempts to access a file or folder?

User's SIDs with the ACEs stored in the element Signup and view all the answers

Which permission allows users to create folders within a shared directory?

Full Control Signup and view all the answers

What is the primary function of the Security Principals in NTFS?

To identify users and groups using security identifiers Signup and view all the answers

What action is NOT permitted by the Change permission in shared folders?

Take ownership of files Signup and view all the answers

What is the primary purpose of the Access Control List (ACL) in Windows Permissions Architecture?

To define the permissions for security principals on a resource. Signup and view all the answers

What is an example of an Advanced Permission in Windows Permissions?

Change Permissions Signup and view all the answers

Which statement about Deny permissions in effective access is true?

Deny permissions always take precedence over Allow permissions. Signup and view all the answers

What describes the nature of Basic Permissions in Windows Permissions?

They are preconfigured permission combinations for ease of use. Signup and view all the answers

In inheriting permissions, what is the primary effect of the permissions hierarchy?

Permissions run downward, allowing approaches such as additive and subtractive methods. Signup and view all the answers

Study Notes

Chapter objectives include configuring file and share access, designing a file sharing strategy, creating folder shares, assigning permissions, and configuring NTFS quotas.
Network users require shares to access disks on servers.
Determining what folders to share, assigning names, specifying permissions, and defining offline file settings are crucial.
Creators/owners can share their folders through the simplified interface accessed by right-clicking and the 'Share with Specific People' option.
Alternatively, more control over folder sharing can be achieved using the sharing tab within the folder's Properties sheet.
The File Sharing dialog box enables choices for the user to share with and assign permission levels.
The Advanced Sharing dialog box allows for share name configuration, limiting simultaneous users, comments, permissions, and caching settings.
Server Message Blocks (SMB) is the standard file-sharing protocol used by Windows versions. Requires the File Server role service.
Network File System (NFS) is a standard file-sharing protocol used primarily by UNIX and Linux distributions, requiring the Server to have an NFS role service.
The Shares homepage in Server Manager displays all shares, and provides tools to manage them.
To create a new share, the New Share Wizard is used, including the options for share name, description in local and remote paths, additional settings, permissions, and confirmation.
Implementing share profiles is often a faster approach with more basic options for SMB share creations.
The wizard enables selection of the server and path for the share, including choosing from the volume or specifying a custom path.
Different configuration profile choices may result in certain options being available or not available during the creation process within the steps on the wizard.

Assigning Permissions

Access Control Lists (ACLs), Access Control Entries (ACEs), and Security Principal concepts facilitate permissions management.
ACL is the folder definition and specifies permissions related to sales, managers (full control), and a particular user.
Permissions allow specific access degrees to security principals.
Basic permissions are preconfigured combinations of permissions, while advanced permissions are more granular and applied individually.
Additive permission, or preferred method, starts with no permissions and grants allow permissions.
Subtractive permission starts with granting allowed permissions and grants deny permissions.
Permissions inherit downward through a hierarchy effectively controlling access. Explicit permission overrides inherited attributes and is prioritized.
The Security tab of a properties sheet enables permission management allowing to edit permissions for everyone.
NTFS authorization defines how the system regulates user permission to files & folders using security identifiers (SIDs).
Basic NTFS permissions, like full control, modify, delete, read, and execute, define specific actions associated with different permission levels for files and folders.
Combining share and NTFS permissions affects access control, with local NTFS permissions affecting file & folder access, and shared permissions affecting network access to files & folders. The more restrictive of the permissions settings (local or remote) is the one that actually takes precedence.

NTFS Authorization

NTFS and ReFS systems support permissions.
Every file and folder has an ACL (Access Control List) with ACEs (Access Control Entries) specifying permissions for security principals.
Security principals are users and groups identified by Windows using Security Identifiers (SIDs).
During authorization, the system checks the user's SIDs against the element's ACEs to verify access.

Volume Shadow Copies

Maintaining previous versions of files on a server.
Enables access to a file even if accidentally deleted or overwritten.
Implemented only for entire volumes.

Configuring NTFS Quotas

Administrators can set storage limits for users on a volume.
Users exceeding the quota limit might be denied access or receive a warning.
Space consumption is measured by the size of files owned or created by the user.

Lesson Summary

Creating folder shares makes data on file servers accessible to users.
Permissions operate independently, including NTFS, share, registry, and Active Directory permissions.
NTFS permissions enable granular control over access levels, including what tasks users can perform.
Share permissions provide rudimentary, basic access control for files on a network share.
Access-based enumeration controls access based on individual permissions and determines which resources are visible to the user.
Offline Files store local copies of files accessed from server shares.
Volume Shadow Copies enable the preservation of file versions.

Studying That Suits You

Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

Description

This quiz covers the essential concepts of configuring file and share access, including designing a file sharing strategy, creating folder shares, and assigning permissions. Learn about utilizing the File Sharing dialog box and Advanced Sharing options to enhance file accessibility. Test your understanding of share configurations and management techniques.