NTFS (New Technology File System) Permissions is a file system feature that lets you set specify which files on your system can be accessed by which specific users, and what kind of access they have to each file. You can give a specific user the right to modify a file, or only to read that file, or you can give that user Full Control of the file.
To set NTFS permissions, in Windows Explorer, right-click on the name of the file or folder and in the popup menu that appears, select Properties. In the Properties dialog box that appears, click on the Security tab.
The top portion of the Properties dialog box displays a list of users that have an account on your system or on the network. Click on the name of a user or group to select it. The current permissions configured for that user or group will then be indicated in the bottom Permissions portion of the dialog box.
To change the permissions configured for a selected user or group, click on the [Edit...] button. The Permissions dialog box for that user or group will appear. The Permissions dialog box displays a list of permissions with an [ ] Allow and [ ] Deny checkbox next to each permission. Check or uncheck the boxes to set the desired permission.
| Full control | User may read, make changes, if it's a program, execute, or delete, or change permissions |
| Modify | User may read, make changes, execute, or delete |
| Read & execute | User may read file or execute |
| List folder contents | User may list folder contents |
| Read | User may read file but not make changes |
| Write | User may read and make changes |
| Special permissions | User gets one or more special permissions for example user may read file or folder attributes |
Troubleshooting NTFS Permissions
The complex structure of Windows NTFS and share permissions can result in a user or group being unable to access resources which they are authorized to access, or have access to resources they are not authorized to access. The reasons for this are:
• NTFS vs share permissions
• nested shares in a file structure
• permissions applied to a folder inherited by subfolders
• inheritance denied at some level
• access rights set in Active Directory
• multiple group memberships and nested groups
One way to determine actual permissions to a specific file is to check its Effective Permissions. In the files Properties dialog box, click on the [Advanced] button. In the Advanced Security Settings dialog box that appears, click on the Effective Permissions tab.
NTFS permissions can be extremely powerful in setting specific access rights for specific users, but NTFSs complexity can be overwhelming. One of the best resources I've found for understanding NTFS Permissions is NTFS.com
More Windows Administration Information:
• How to Setup DHCP (Dynamic Host Configuration Protocol) on a Windows Server
• Introduction to Windows PowerShell
• Command Line to Get Computer's Numner of CPU Cores
• How to Disable Windows 10 OneDrive
• How to Create a Bootable USB Drive
• Script to Display the Processes Running on a Computer
• Create a Windows 7 Disk Image Backup
• Disable Unnecessary Background Apps
• The Security and Maintenance of Messages in Outlook Express
• Check Your Version of PowerShell