NTFS (New Technology File System) Permissions

NTFS (New Technology File System) Permissions is a file system feature that lets you set specify which files on your system can be accessed by which specific users, and what kind of access they have to each file. You can give a specific user the right to modify a file, or only to read that file, or you can give that user Full Control of the file.

To set NTFS permissions, in Windows Explorer, right-click on the name of the file or folder and in the popup menu that appears, select Properties. In the Properties dialog box that appears, click on the Security tab.

File or folder Properties dialog box

The top portion of the Properties dialog box displays a list of users that have an account on your system or on the network. Click on the name of a user or group to select it. The current permissions configured for that user or group will then be indicated in the bottom Permissions portion of the dialog box.

Permissions dialog box

To change the permissions configured for a selected user or group, click on the [Edit...] button. The Permissions dialog box for that user or group will appear. The Permissions dialog box displays a list of permissions with an [ ] Allow and [ ] Deny checkbox next to each permission. Check or uncheck the boxes to set the desired permission.

Full controlUser may read, make changes, if it's a program, execute, or delete, or change permissions
ModifyUser may read, make changes, execute, or delete
Read & executeUser may read file or execute
List folder contentsUser may list folder contents
ReadUser may read file but not make changes
WriteUser may read and make changes
Special permissionsUser gets one or more special permissions for example user may read file or folder attributes

Troubleshooting NTFS Permissions

The complex structure of Windows NTFS and share permissions can result in a user or group being unable to access resources which they are authorized to access, or have access to resources they are not authorized to access. The reasons for this are:

NTFS vs share permissions
nested shares in a file structure
permissions applied to a folder inherited by subfolders
inheritance denied at some level
access rights set in Active Directory
multiple group memberships and nested groups

Effective Permissions tab

One way to determine actual permissions to a specific file is to check its Effective Permissions. In the files Properties dialog box, click on the [Advanced] button. In the Advanced Security Settings dialog box that appears, click on the Effective Permissions tab.

NTFS permissions can be extremely powerful in setting specific access rights for specific users, but NTFSs complexity can be overwhelming. One of the best resources I've found for understanding NTFS Permissions is

Learn more at

More Windows Administration Information:
• Hands-On Microsoft Windows Server 2008 Administration
• Computer Data Backups - Test Now or Cry Later
• Make Windows 10 File Explorer Open to This PC instead of Quick Access
• A Handful of Useful Run Commands: calc, notepad, wordpad, voice recorder, control
• Planning a Backup and Restoration of Files for Disaster Recovery
• Installing a Local Printer on Windows Vista
• How to Check Your PCs TPM
• For Quick Information About System - DOS Systeminfo Command
• Use the HOSTS File to Block Web Sites
• How to Optimize Your Solid State Drive