This entry was posted on Monday, July 26th, 2010 at 4:32 pm and is filed under File Server 2008, Windows Server. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
What is the Access Control List (ACL)?
The Windows ACL is used for determining which users can access server resources at specific levels. The security token created from Windows Server 2008’s security sub system, upon login authentication, contains the user’s security identifier (SID) which represents the Active Directory groups the user belongs to.
Why do you need ACL?
The purpose of ACL is to control Group/User access for Windows Server 2008 folder resources. When a user attempts to access an NTFS Folder/File the SID token is compared to the Access Control List (ACL) to determine if the user has access to the Folder/File resource based on the user’s group member status.
How do you use Windows Server 2008 Access Control List (ACL)?
In this example we will grant the Sales group access to the Sales folder on our server. The Sales storage folder will only allow people to the Sales group access. Here is how it is performed:
1. Open My Computer and navigate to storage folder.
2. Right click on the storage folder and select properties. The user interface for the ACL will appear. From here you will have access to three interfaces:
3. Open the Security tab and click on the edit button.
4. Click the Add button.
5. Enter Sales the name of the group and click the Ok button. Then click Ok again on the Permissions screen.
6. Now click the Advanced button below to edit Permissions for the Sales group.
7. In the Advanced Security dialog box select the Sales group and press Edit.
8. Now you can edit the Advanced Security Settings in the Permissions entry dialog box. At this point you can remove inheritable permissions from the parent settings. Now click on the Edit button to adjust security permissions.
9. Now select the security permissions you want to apply to the Sales group. Once finished selecting the permissions click Ok on this and the previous screens to complete.
That concludes applying security permissions on folder resources for Active Directory Groups. All questions and comments are welcome.
