They’re one of the most dreaded and tedious but necessary tasks of system administration. However, file- and folder-level permissions are significant in terms of protecting data from unauthorized use on your network. If you have ever worked with Unix permissions, you know how difficult they are to understand and set: complex CHMOD-based commands, with numbers that represent bits of permission signatures—it’s so easy to get lost in the confusion. Windows Server 2003, on the other hand, provides a remarkably robust and complete set of permissions, more so than any common Unix or Linux variety available today. It’s also true that no one would argue how much easier it is to set permissions in Windows than to set them in any other operating system. That’s not to say, however, that Windows permissions are a cinch to grasp; there’s quite a bit to them.
Windows supports two different views
of permissions: standard and special.
permissions are often sufficient to be applied to files
and folders on a disk, whereas
permissions break standard permissions down into finer
combinations and enable more control over who is allowed to do what
functions to files and folders (called
objects) on a disk. Coupled with Active Directory groups, Windows Server 2003 permissions are particularly powerful for dynamic management of access to resources by people other than the system administrator—for example, in the case ...