Adaptec 5325301638 Administration Guide - Page 67

How the GuardianOS and Windows Differ in Processing File-Level Access Permissions

Get Adaptec 5325301638 - Snap Server 4500 NAS PDF manuals and user guides
UPC - 753253016389
View all Adaptec 5325301638 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 67 highlights

Setting File and Folder Permissions (Windows) To Set File and Directory Permissions and Inheritance (Windows) 1 Using a Windows NT 4.0, 2000, or XP client, map a drive to the Snap Server, logging in as a user with change permissions for the target file or directory. 2 Do one of the following: • In Windows NT, right-click the file or directory, choose Properties, click the Security button, and then select Permissions. • In Windows 2000, right-click the file or directory, choose Properties, and then select the Security tab. 3 Use the Windows security tools to add or delete users and groups, to modify their permissions, and to set inheritance rules. How the GuardianOS and Windows Differ in Processing File-Level Access Permissions The GuardianOS processes access permissions differently than does the Windows operating system, allowing administrators finer granularity in devising a file access strategy. When a user attempts to perform an action on a file and directory, Windows collects all permissions that apply to the user before deciding whether to allow the user to perform the action. The GuardianOS, on the other hand, uses the first applicable permission it finds to decide whether to allow the user to perform the action. The GuardianOS searches for access permissions in the following order: 1. User owner 2. User 3. Group owner 4. Group 5. Everyone When a match is found, the search stops and the specified access permission is applied. Assume the user joan brown is attempting to modify the file settings.doc. Joan brown is a member of the group sales. As a user, jbrown has read-only access to the file; the group sales has read-write access to the file, as follows: settings.doc: username:jbrown:RO; groupname:sales:RW The following table shows how Windows and the GuardianOS treat these settings: Type jbrown sales Access Read-only Read-write Windows GuardianOS Match found for jbrown, read Match found for user jbrown, access found, continue searching stop searching and prevent for necessary access user from modifying file Match found for group sales, read-write found, allow user jbrown to modify the file In this case, Windows would grant write access to Joan Brown, allowing her to modify the file. The GuardianOS, on the other hand, would not allow Joan Brown to modify the file. Chapter 6 Share and File Access 53

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
Setting File and Folder Permissions (Windows)
Chapter 6
Share and File Access
53
To Set File and Directory Permissions and Inheritance (Windows)
1
Using a Windows NT 4.0, 2000, or XP client, map a drive to the Snap Server,
logging in as a user with change permissions for the target file or directory.
2
Do one of the following:
In Windows NT, right-click the file or directory, choose
Properties
, click the
Security
button, and then select
Permissions
.
In Windows 2000, right-click the file or directory, choose
Properties
, and then
select the
Security
tab.
3
Use the Windows security tools to add or delete users and groups, to modify
their permissions, and to set inheritance rules.
How the GuardianOS and Windows Differ in Processing File-Level
Access Permissions
The GuardianOS processes access permissions differently than does the Windows
operating system, allowing administrators finer granularity in devising a file access
strategy. When a user attempts to perform an action on a file and directory,
Windows collects all permissions that apply to the user before deciding whether to
allow the user to perform the action. The GuardianOS, on the other hand, uses the
first applicable permission it finds to decide whether to allow the user to perform
the action. The GuardianOS searches for access permissions in the following order:
1. User owner 2. User 3. Group owner 4. Group 5. Everyone
When a match is found, the search stops and the specified access permission is
applied. Assume the user
joan brown
is attempting to modify the file
settings.doc
.
Joan brown is a member of the group
sales
. As a user,
jbrown
has read-only access to
the file; the group
sales
has read-write access to the file, as follows:
settings.doc: username:jbrown:RO; groupname:sales:RW
The following table shows how Windows and the GuardianOS treat these settings:
In this case, Windows would grant write access to Joan Brown, allowing her to
modify the file. The GuardianOS, on the other hand, would not allow Joan Brown to
modify the file.
Type
Access
Windows
GuardianOS
jbrown
Read-only
Match found for
jbrown
, read
access found, continue searching
for necessary access
Match found for user
jbrown
,
stop searching and prevent
user from modifying file
sales
Read-write
Match found for group
sales
,
read-write found, allow user
jbrown
to modify the file