NTFS Level Security and Permissions for Windows server 2008
The permissions you set, decides the security of the files placed on the Windows server. Hence, it is important for anyone to understand that Windows Server 2008 R2 doesn’t offer Complete control to each over the NTFS and the share levels. Inorder to avoid an unauthorized access, crucial system files and the directories are secured by setting restrictions to users. This version of Windows has indeed been improvised, but at thorough knowledge of File level security is required to ensure the safety and security of files present in your Dedicated Windows Server.
Understand the Windows NTFS (NT File System) Security
The Windows Server 2008 R2 is offered with the updated version of NTFS. Every object that refers to the NTFS, also the files and folders, are marked by an ACE i.e. Access Control Entry. The ACE physically restricts the users from accessing a resource. This concept is used by NTFS permissions for controlling the read, write and other access type permissions on files. File servers must avail of NTFS-level permissions, and every directory must have their file-level permissions examined to ascertain if there are holes in the NTFS permission set. Ammending the NTFS permissions in Windows Server 2008 R2 is a easy. Users can follow the steps mentioned below:
Step 1 : Right-click the file or folder to which the security must be applied, then go to its Properties.
Step 2 : Choose the Security tab.
Step 3 : Select Advanced.
Step 4 : Select Change Permissions.
Step 5 : Un-check the Include Inheritable Permissions from This Object’s Parent .
Step 6 : You’d be asked for the use of parent permissions, select Remove.
Step 7 : In the Advanced dialog box, select Add to provide access to the users and/or groups whom you intend to grant permissions to access the files or folders.
Step 8 : Check Replace All Child Object Permissions with Inheritable Permissions from This Object check-box. Select OK.
Step 9 : Then you’d be asked with replacing the security on child objects, select Yes for replacing the child object security.
Step 10 : Select OK. Click OK once more to exist Properties.
NTFS Security vs the Share-Level Security
Older versions of Windows Server security used share-level permissions that could be set independently. A share is a file server entry point, which permits users access a particular directory on the file server. Previous file systems such as HPFS,FAT, and FAT32 lacked the file level security, hence it was required to set the security on the share level. Though, the share level security could yet be set on files. NTFS level security is preferred for the basic reason that the share level security isn’t capable for securing the contents of sub-directories with similar ease.
How to Audit the File Access ?
The practices adopted for auditing the file level security is by setting-up auditing on servers, directories or file. This notifies the administrators about users that try to access any directory which may-be they are not supposed to. This can provide a help further to secure the server from identifying the users that try to access restricted information. The audit entries are an example of security settings that can be automatically set using the Windows Server 2008 R2 security templates. These templates can be considered to effectively control audit settings.
The following steps can help you set-up an auditing for a file/folder in Windows Server 2008 R2:
Step 1 : Right-click the file or folder whom you intend to apply auditing, then choose Properties.
Step 2 : Select the Security tab.
Step 3 : Select Advanced.
Step 4 : Select the Auditing tab.
Step 5 : Select Edit.
Step 6 : Click Add and populate the list of users and/or groups whom you wish to be audited. You can even audit each user by selecting the Everyone group.
Step 7 : On the Auditing page, you need to choose the types of access to be audited. Selecting all the options would enable you to audit all success and failure attempts.
Step 8 : Select OK.
Step 9 : Again OK twice for saving the settings and exiting the process.
