Setting File and Folder Permissions on a GuardianOS server with Windows.
This information is not Operating System specific
On files and directories following the Windows security model, the GuardianOS supports the use of the Windows NT, 2000, or XP interface to set directory and file permissions for local and domain/ADS users and groups on the Snap Server. On a directory, administrators can also set inheritance permissions that will be inherited by subordinate folders and files created within the directory.
Default File and Folder Permissions
When a file or directory is created, the GuardianOS grants access to the accounts listed in the following table. Access permissions for each account are inherited from the parent directory. The example shows the default settings for a file created by the local user admin.
File/Directory-Level Access Permissions
User owner - Initially, the user who created the file or directory
Group owner - The primary group of the user who created the file or directory
Everyone - Includes users to whom no other permission applies
The default permissions cannot be deleted.
The Everyone group may be removed but the user owner and group owner may not be removed. The permissions, however, may be modified for these accounts as described below.
Ownership is set when the file or folder is created.
The user account under which a file or folder is created becomes the owner of the file or folder. This user's primary group becomes the group owner of the file or folder.
The primary group of NT 4.0 or AD domain users is specified on the domain controller.
For local users, the primary group is AllLocalUsers. For Windows domain users, the primary group can be set on a Windows domain controller. (This setting is purely for compatibility with the GuardianOS security and is not significant in Windows security.)
The user owner always has change permissions access.<br>Regardless of file-level access settings, a user owner has change permissions access to files and directories.