File and Print Services Overview
This chapter File and Print Services elaborates some important points which are given below
• NTFS permissions allow you to control which users and groups can gain access to files and folders on an NTFS volume.
• Each of the standard permissions consists of a logical group of special permissions.
• Explicit permissions are permissions granted directly to the file or folder.
• Inherited permissions are permissions that are granted to a folder (parent object or container) and that flow into child objects (subfolders or files inside the parent folder).
• The Deny permission always overrides the permissions that have been granted, including when a user or group has been given the full control permission.
• Effective permissions are the actual permissions when logging in and accessing a file or folder. They consist of explicit permissions plus any inherited permissions as a user or from any groups that user is a member of.
• If a file or folder is copied, the new file or folder automatically acquires the permissions of
the drive or folder to which it is being copied.
• If a file or folder is moved within the same volume, the file or folder retains the same permissions that were already assigned to it.
• If a file or folder is moved from one volume to another volume, it automatically acquires the permissions of the drive or folder to which it is being copied.
• The owner of the object controls how permissions are set on the object and to whom permissions are granted.
• If, for some reason, you have been denied access to a file or folder, you need to reset the permissions by taking ownership of a file or folder and modifying the permissions.
• Encryption is the process of converting data into a format that cannot be read by another user.
• Encrypting File System (EFS) is a core file encryption technology used to store encrypted
files on NTFS file system volumes.
• Most users are not going to log on to a server directly to access their data files. Instead, a drive or folder will be shared (known as a shared folder), and they will access the data files over the network.
• Like NTFS, you can allow or deny each share permission.
• To simplify managing share and NTFS permissions, Microsoft recommends giving everyone
full control, and then controlling access using NTFS permissions.
• An administrative share is a shared folder typically used for administrative purposes.
• Microsoft refers to the printer itself as a print device.
• A printer in Windows is a logical printer, which will provide a software interface between the print device and applications.
• A printer pools to act as a single virtual printer with a single print queue, but it contains two or more physical printers.
• Since printers are considered objects, you can assign permissions to a printer. You can specify who can use the printer, who can manage the printer, and who can manage the print jobs.
• By default, the Print permission is assigned to the everyone group.
• The print queue shows information about a document such as print status, owner, and number of pages to be printed.
• When you use Internet Printing, you can print or manage documents from a web browser using the Internet Print Protocol (IPP), which is encapsulated in the Hypertext Transfer Protocol (HTTP).
• Auditing provides a record of the users that have logged in and what the user accessed or tried to access.
• Auditing is not enabled by default. To enable auditing, you specify what types of system
events to audit using group policies or the local security policy.
• To audit NTFS files, NTFS folders, and printers is a two-step process. You must first enable
Object Access using group policies. Then you must specify which objects you want to audit.
Following are the topics included in this chapter File and Print Services
This chapter is a part of 98-365 Windows Server Administration Fundamentals Prep course. More chapters in this course are
The Practice tests included in this course are: