Logo
Lose Weight
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
 
 
Windows 7

Controlling Access to Your Data (part 1) - Basic Permissions

3/26/2011 3:02:04 PM
When your disk drive or storage device is formatted using NTFS, you can use NTFS permissions to control access to your data. NTFS permissions can be broken down into five broad categories: basic permissions, special permissions, ownership permissions, inherited permissions, and effective permissions. The sections that follow discuss how to use each type of permission.

1. Basic Permissions

With NTFS, permissions are stored in the filesystem as part of the access control list (ACL) assigned to a file or a folder. As described in Table 1, files and folders have a slightly different set of basic permissions.

NOTE

When working with permissions, keep in mind that some permissions are inherited based on the permissions of a parent folder. Inherited permissions are applied automatically, and you cannot edit inherited permissions without first overriding them. If you try to access a folder on your local computer and do not have appropriate permissions to do so, Windows will prompt you to provide administrator permissions (by default). Once you enter the administrator permissions, you’ll be able to access the local folder as an administrator.

Table 1. Basic permissions for files and folders
PermissionHow it’s usedUsed with
Full ControlGrants full control over the selected file or folder. Permits reading, writing, changing, and deleting files and subfolders. Also permits changing permissions, deleting files in the folder regardless of their permissions, and taking ownership of a folder or a file. Selecting this permission selects all the other permissions as well.Files and folders
ModifyPermits reading, writing, changing, and deleting a file or folder. With folders, permits creating files and subfolders, but does not allow taking ownership of a file or folder. Selecting this permission selects all the permissions below it.Files and folders
Read & ExecutePermits executing files. With folders, permits viewing and listing files and subfolders as well as executing files. If applied to a folder, this permission is inherited by all files and subfolders within the folder. Selecting this permission selects the List Folder Contents and Read permissions as well.Files and folders
List Folder ContentsPermits viewing and listing files and subfolders as well as executing files. Inherited only by subfolders and not by files within the folder or its subfolders.Folders only
ReadPermits viewing and listing the contents of a file or folder. Permits viewing file attributes, reading permissions, and synchronizing files. Read is the only permission needed to run scripts. Read access is required to access a shortcut and its target.Files and folders
WritePermits creating new files in folders and writing data to existing files. Permits viewing file attributes, reading permissions, and synchronizing files. Doesn’t prevent deleting a folder or file’s contents.Files and folders

1.1. Viewing and modifying existing basic permissions

You can view or modify a file or folder’s existing basic permissions by completing the following steps:

Figure 1. Working with basic permissions


  1. In Windows Explorer, right-click the file or folder you want to work with and then select Properties.

  2. In the Properties dialog box, select the Security tab. As shown in Figure 1, the “Group or user names” list shows all users and groups with basic permissions for the selected file or folder. If you select a user or a group in this list, the assigned permissions are displayed in the “Permissions for Users” or “Permissions for Groups” list.

NOTE

If permissions are shaded (unavailable), it means they have been inherited from a parent folder.

  1. Before you can change or remove permissions, you must click Edit. This opens an editable view of the Security tab in a new dialog box.

  2. Click the existing user or group whose permissions you want to modify.

  3. To modify existing permissions, use the Allow and Deny columns in the “Permissions for Users” list. Select checkboxes in the Allow column to add permissions, and clear checkboxes to remove permissions.

  4. To prevent a user or a group from using a permission, select the appropriate checkbox in the Deny column. Denied permissions have precedence over other permissions.

  5. Click OK to save your changes.

1.2. Adding new basic permissions

You can add new basic permissions to a file or folder by completing the following steps:

Figure 2. Select Users or Groups dialog box


  1. In Windows Explorer, right-click the file or folder you want to work with and then select Properties.

  2. In the Properties dialog box, select the Security tab. The “Group or user names” list shows all users and groups with basic permissions for the selected file or folder.

  3. If a user or group whose permissions you want to assign isn’t already listed, click Edit. This opens an editable view of the Security tab in a new dialog box.

  4. Click Add to display the Select Users or Groups dialog box, shown in Figure 2.

  5. Type the name of a user or a group account. Click Check Names and then do one of the following:

    • If a single match is found for each entry, the dialog box is automatically updated as appropriate and the entry is underlined.

    • If multiple matches are found, you’ll see an additional dialog box that allows you to select the name or names you want to use, and then click OK.

    • If no matches are found, you’ve probably entered an incorrect name. Modify the name in the Name Not Found dialog box and then click Check Names again.

  6. Configure permissions for each user and group you added by selecting an account name and then allowing or denying access permissions as appropriate.

  7. Click OK to save your settings.

1.3. Removing basic permissions

You can remove a user or group’s basic permissions by following these steps:

  1. In Windows Explorer, right-click the file or folder you want to work with and then select Properties.

  2. In the Properties dialog box, select the Security tab. The “Group or user names” list shows all users and groups with basic permissions for the selected file or folder.

  3. Click Edit to open an editable view of the Security tab in a new dialog box.

  4. Click the existing user or group whose permissions you want to remove, and then click Remove.

  5. Click OK to save your changes.
Other -----------------
- Securing and Sharing Your Data : Securing Your Files
- Fixing and Tweaking Your Network : Managing Network Connections
- Fixing and Tweaking Your Network : Changing Network Settings
- Fixing and Tweaking Your Network : Maximizing Network Performance
- Troubleshooting Network Problems (part 2) - Troubleshooting TCP/IP Problems
- Troubleshooting Network Problems (part 1) - Troubleshooting HomeGroup Problems & Network Troubleshooting Tools
- Fixing and Tweaking Your Network : Diagnosing Problems Using Network Map
- Fixing and Tweaking Your Network : Viewing Status in Network And Sharing Center
- Connecting to Another Computer with Remote Desktop (part 4) - Configuring Performance Options
- Connecting to Another Computer with Remote Desktop (part 3) - Using a Remote Desktop Connection
- Connecting to Another Computer with Remote Desktop (part 2) - Enabling Inbound Remote Desktop Connections
- Connecting to Another Computer with Remote Desktop (part 1) - Configuring Your Network for Remote Desktop Connections
- Finding and Using Shared Resources on a Windows Network
- Sharing Resources with Older Windows Versions (part 4) - Sharing a Printer & Setting Server Properties
- Sharing Resources with Older Windows Versions (part 3) - Setting Advanced Sharing Properties
- Sharing Resources with Older Windows Versions (part 2) - Sharing Files with Public Folders & Sharing Files and Folders from Any Folder
- Sharing Resources with Older Windows Versions (part 1) - Configuring Your Network for Sharing
- Sharing Files, Digital Media, and Printers in a Homegroup (part 2)
- Sharing Files, Digital Media, and Printers in a Homegroup (part 1) - Deciding What to Share—And What Not to Share
- Using HomeGroup to Connect Your Computers at Home
 
 
Popular tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8 BlackBerry Android Ipad Iphone iOS
Top 10
- Windows Phone 8 Apps : Camera (part 4) - Adjusting Video Settings, Using the Video Light
- Windows Phone 8 Apps : Camera (part 3) - Using the Front Camera, Activating Video Mode
- Windows Phone 8 Apps : Camera (part 2) - Controlling the Camera’s Flash, Changing the Camera’s Behavior with Lenses
- Windows Phone 8 Apps : Camera (part 1) - Adjusting Photo Settings
- MDT's Client Wizard : Package Properties
- MDT's Client Wizard : Driver Properties
- MDT's Client Wizard : Application Properties
- MDT's Client Wizard : Operating System Properties
- MDT's Client Wizard : Customizing the Deployment Share
- Windows Server 2012 : Software and User Account Control Administration (part 5) - Maintaining application integrity - Configuring run levels
 
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
2015 Camaro