Configuring and Troubleshooting Resources
Click the Security tab.
3. Click the Advanced button to display the Advanced Security Settings
dialog box.
4. Click the Effective Permissions tab.
5. Click the Select button, type a user or group name for which you want
to view effective permissions, and click OK. (Click the Advanced but-
ton and then click Find Now to select from a list of user and group
6. View the effective permissions for the user or group that you selected,
as shown in Figure 2.9.
7. Click OK to close the Advanced Security Settings dialog box and then
click OK to close the properties sheet.
Figure 2.9 Viewing NTFS effective permissions for a user or a group.
Understanding and Troubleshooting
“Access Denied” Messages
Okay, there’s nothing as frustrating as “access denied.”
As a desktop support technician, when different factors control access to files
and folders, users might not be able to access files that they need. In these
instances, you must diagnose and fix the problem. The major contributing
factors for access control issues are
Chapter 2
Shared folder permissions
NTFS permissions
EFS-encrypted files
If you review these three major factors in the sequence listed, you should be
able to solve most access-control issues. Share permissions do not apply to
local users trying to access local folders and files. NTFS permissions and
EFS encryption apply to both local and network users.
For remote users attempting access files over the network, always check the
share permissions first. Also, the default share permissions are Everyone:
Allow Read for Windows XP Professional and Windows Server 2003.
Share permissions have no effect on local file access by local users; local
access includes users interactively logged on to a computer and users logged
on to a computer via Terminal Services (Remote Desktop Connections).
After you verify the share permissions for a folder, check the NTFS permis-
sions. NTFS permissions apply to all users—whether they are local users or
network users. Be sure to review all special NTFS permissions, not just the
basic NTFS permissions. Right-click the folder or file in question, select
Properties, and click the Security tab. Click the Advanced button to view and
adjust the special NTFS permissions, if necessary.
Also, from the Advanced Security Settings dialog box, click the Effective
Permissions tab and check the effective permissions for each user and group
that you are investigating. These measures should reveal why users can’t
access the folders or files that they need.
After you verify and make any necessary changes to the share permissions
and NTFS permissions to allow users to access the files and folders that they
need, be sure to check for EFS encryption if the access problem still persists.
To check a file or folder for EFS encryption, right-click the object and select
Properties. From the General tab, click the Advanced button to display the
Advanced Attributes dialog box, as shown in Figure 2.10.
If the Encrypt Contents to Secure Data check box is marked, the object is
encrypted: encryption limits access to the user who originally encrypted the
file, any users who have been granted shared access to the encrypted file, and
the designated Data Recovery Agent (DRA).

Get Supporting Users and Troubleshooting a Windows® XP Operating System Exam Cram™ 2 (Exam 70-27) now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.