for Encrypted2. Click Details, and then click Add. Note that testuser1 and testuser2 are
listed. Click testuser1, and then click OK. Click OK three more times.
8. Log off and log on again as testuser1. Click to open the Public Documents folder. Verify that
you can open Encrypted2 without error, and then close the file.
9. Copy Encrypted2 to the desktop. Verify that the new file remains encrypted by opening the
Advanced Attributes dialog box. Oddly, when an encrypted or compressed file is on the
desktop, the filename remains a normal color instead of green (for encrypted) or blue (for
compressed).
10. Log off Vista.
EFS is a valuable feature on an NTFS volume as an extra layer of security for files stored on
the hard drive. EFS is particularly important on laptops and other systems that aren't well
protected from theft or loss. If a computer or hard drive is stolen, accessing data in an EFS-protected
file takes considerable effort. However, NTFS file and folder permissions, discussed in the next
section, remain the primary method of controlling access to files on domain controllers and
member servers.
Securing Access to Files with Permissions
There are two modes for accessing files on a networked computer: network (sometimes called
remote) and interactive (sometimes called local). It follows, then, that there are two ways to
secure files: share permissions and NTFS permissions. Share permissions are applied when a user
attempts network access to shared files. NTFS permissions always apply, whether file access is
attempted interactively or remotely, through a share. That last statement might sound confusing,
so take a closer look at how permissions work.
NTFS permissions work much like Active Directory object permissions, with
concepts such as permission inheritance and special permissions, so much
of what you learned about Active Directory permissions in Chapter 4
applies here as well.
Permissions can be viewed as a gatekeeper to control who has access to folders and files.
When you log on to a computer or domain, you're issued a ticket containing information such
as your username and group memberships. If you attempt to access a file or folder, the
gatekeeper examines your ticket and compares your username and group memberships (including
special identity groups) to the file or folder's access list. If neither your username nor your groups
are on the list, you're denied access. If you or your groups are on the list, you're issued an access
ticket that combines all your allowed permissions. (Deny permissions are exceptions, as you
learned in Chapter 4 and examine again later in this chapter.) You can then access the resource
as specified by your access ticket.
At least, that's how the process works when you're attempting interactive access to files. If
you're attempting network access, there are two gatekeepers: one that checks your ticket against
the share permissions access list and, if you're granted access by share permissions, another that
checks your ticket against the NTFS permissions access list. The NTFS gatekeeper is required to
examine your ticket only if you get past the share gatekeeper. If you're granted access by share
permissions, you're issued an access ticket. Then if you're granted access by NTFS permissions,
you're allowed to keep the access ticket that gives you the least permission between the two.
For example, Bill is granted Read access by share permissions and Read and Write access by
NTFS permissions. Bill gets to keep only the Read access ticket because it's the lesser of the two
permissions. Another example: Neither Bill nor any of Bill's groups are on the share permissions
access list. There's no need to even examine NTFS permissions because Bill is denied access at
the share permissions gate. As a final example, Bill is granted Full Control access by share
permissions and Modify access by NTFS permissions. Bill's access ticket gives him Modify
permission because it allows less access than Full Control.
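The two-gatekeeper evaluation described above, worked through as an added Python example (not part of the original text). The mapping of permission levels to rights, the rule that a deny always removes a right, and the names in the sample token are simplifying assumptions for illustration, not the actual Windows access-mask layout.

```python
# Simplified model of the share/NTFS "two gatekeepers" check described above.
# Assumption: each permission level is treated as a set of rights.
LEVELS = {
    "Read":         {"read"},
    "Write":        {"write"},
    "Change":       {"read", "write", "delete"},   # share-level name
    "Modify":       {"read", "write", "delete"},   # NTFS-level name
    "Full Control": {"read", "write", "delete", "change_permissions"},
}

def granted(token, acl):
    """Rights one access list gives a logon token, or None if not listed.

    token: set of names (username plus group memberships).
    acl:   list of (trustee, "allow" | "deny", level) entries.
    """
    allowed, denied, matched = set(), set(), False
    for trustee, kind, level in acl:
        if trustee not in token:
            continue
        matched = True
        (denied if kind == "deny" else allowed).update(LEVELS[level])
    if not matched:
        return None                 # neither the user nor any group is on the list
    return allowed - denied         # allows accumulate; a deny removes the right

def effective_access(token, ntfs_acl, share_acl=None):
    """Interactive access checks NTFS only; network access checks share, then NTFS."""
    if share_acl is None:
        return granted(token, ntfs_acl) or set()
    share = granted(token, share_acl)
    if not share:                   # stopped at the share gate; NTFS is never examined
        return set()
    ntfs = granted(token, ntfs_acl) or set()
    return share & ntfs             # only rights both gatekeepers allow survive

if __name__ == "__main__":
    bill = {"Bill", "Users"}        # constructed sample token
    ntfs = [("Bill", "allow", "Read"), ("Bill", "allow", "Write")]
    share = [("Users", "allow", "Read")]
    print("interactive:", sorted(effective_access(bill, ntfs)))
    print("network:    ", sorted(effective_access(bill, ntfs, share)))
```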
The general security rule for assigning permissions to resources is to give users the least
access necessary for their job. This rule is often referred to as the “least privileges principle.”
 