Accounts and permissions features in Windows

Source: Internet
Author: User
Tags continue

There are a few questions to figure out before you continue reading:

First, the difference between permissions and rights. In the Windows operating system, permissions and rights represent different content. Permissions (Permission) represent a user's ability to access system resources such as files, folders, printers, and rights (right) on behalf of the user's ability to set up the system. Permissions and rights can be collectively referred to as privileges.

Second, only Windows NT and subsequent Windows 2000/xp/2003 have strict privileges and other definitions. In addition, if you want to use file access permissions, the file must also reside on the NTFS file system partition. Compared to the FAT and FAT32 file systems, the NTFS file system can support larger partitions while keeping the cluster size intact, as well as a range of security features that are recommended for use. However, the DOS and Windows 9x operating systems do not support this file system. There are two ways to get a partition of the NTFS file system: Create a partition and format it as an NTFS file system, or convert the partition of an existing FAT or FAT32 file system to the NTFS file system without preserving the data. This conversion can use the Windows Convert.exe program, enter "Convert C:/fs:ntfs" in the command line state and return to the C drive can be converted, other disks need to replace C for the corresponding drive letter. Also note that the conversion system disk may require you to reboot the system to complete.

User accounts

With Windows 9x, we may not know much about the concept of user accounts, because the concept of users in Windows 9x is not perfect, so few people use them. However, in Windows NT/2000/XP, a user account is an important factor that is closely related to system security, and the operating system assigns the appropriate permissions to each user based on different user accounts and pre-set settings to accomplish certain tasks. And each account is independent of each other, do not disturb.

Simply put, the account in the system can be compared with the account in Instant messaging software such as QQ, for example, we can apply for a QQ number, with the password set by ourselves, which becomes a QQ account. With this account we can login QQ, and chat with other pre-added friends, using the various services provided by QQ. But a person can also apply for multiple QQ numbers, and these numbers do not affect each other, for example, we added in the first number of friends will not be automatically added to the second number.

By using an account in Windows, we can log in (either locally or on a network) to the Windows operating system, use the appropriate system resources, and view your files. In addition, we can do more with Windows account, for example, each account has a separate collection, My Documents folder, desktop shortcut settings, cookies, etc., each user with their own account of the system's general settings will not affect other users.

So to solve my family's contradictions, just create your own account for each family member. Note that in Windows XP, Microsoft has used a variety of easy methods in order to simplify the setup of accounts and permissions, which makes the settings simpler, but there are fewer options to set, and only the simplest goals can be achieved. If you want to make more complex settings, you will also need to use a similar traditional account in Windows 2000 and a permission setting method. Fortunately this is also available in Windows XP, which we'll explain in detail later.

The following is a detailed description of what we want to achieve, I believe most of the users concerned about this article also for the same purpose:

Each person who uses the computer has its own separate account and does not affect each other.

Everyone has a dedicated folder to store their own private files, others cannot view, modify or delete other people's private files.

Log in with an account with administrative privileges, open the User Accounts Settings window in Control Panel and you will be able to see the Tuyi interface. Under "Pick a task" option click "Create a new account", then the system will need you to provide the user name of the account, enter the completion and click Next, then need to select the type of account (Figure II). By default, Windows XP provides two types of accounts: computer administrators and restricted accounts. As the name implies, a computer administrator is the person with the highest level of control over the computer, and such accounts can set any settings on the system to view, modify, or delete all files on the computer. Therefore, we must be careful when creating such accounts, because user error settings using such accounts can cause serious system hurdles. For security reasons, it is also not recommended to use an administrator account in daily use. So here we choose the account type is "Restricted user". Then we created a restricted account for each of our fathers, moms and sisters.

The desktop will not appear immediately after you start the computer, but instead, a welcome screen similar to figure three appears. On the Welcome screen, each user can click on their account name and enter a password (if needed) to log in to Windows. Each user can see exactly the same initial desktop settings after logging in with his or her account, and any changes they make on the desktop (such as adding or removing a desktop shortcut, or changing the wallpaper) will only take effect on themselves and will not affect anyone else.

At the same time, they can save their private documents to the My Documents folder and set the folder to private. Here's how: Log in to your system with your own account, then right-click on the My Documents folder, select Properties, then open the Share tab and select "Make This folder private" (figure IV) so that others cannot access the folder that is set as private. They cannot delete any files and folders other than their My Documents folder, except that they cannot view the files that they have saved in my Documents. In addition, these users can also set a password for their account, so that when you choose to log in with their own account must enter the correct password, or the login will be rejected.

Note that setting a folder as private only works when simple file sharing is turned on, and disabling simple file sharing will only use the traditional way of setting the folder's access rights. Detailed instructions are described later in this procedure. In addition, not all folders can be set directly to private, only the folders in the user profile (that is, the My Documents folder by default) can be set to private, you cannot select the "Make this folder private" option: At the same time, The system disk uses the NTFS file system as well as the ability to set folders for private use as a prerequisite.

If you have an operating system that is Windows 2000, or if you want to implement more complex permission settings under Windows XP Professional, you can continue reading the following content.

Note: The following content is appropriate for Windows 2000 and Windows XP Professional as well as for Windows Server 2003 operating systems, not for Windows XP Home, and also for the hard disk file system to NTFS.

We will still use Windows XP Professional as an example, because the other settings are not much different from Windows 2000 and Windows Server 2003 after you disable simple file sharing for Windows XP.

Log on with an account that has administrative privileges, open My Computer in Windows XP, and then, under the Tools menu, tap Folder Options to open the View tab of the folder options. In this case, uncheck the "Use Simple File Sharing (recommended)" option (Figure V).

We then assumed that we had to do the following: Create a "Temp" folder under the C-packing directory, and save a few files at random. We want Dad to be able to access this folder and the files in it, and can delete any file, but can not assign permissions to others; MOM can only view the contents of the file, can not modify or delete the file;

Right-click on the Temp folder, select "Properties", Open the Folder Properties dialog box, then open the "Security" tab, you will be able to see the interface of Figure six. Several default security group permission settings are shown here. Then we started to set permissions for Dad, click the "Add" button next to it, and then enter the user name of the father's account, and return, you can see, the user list is more than the father's account. Use the same method to add both mom and sister accounts to this list, and then start setting them up in turn.

Because we allow Dad to read and modify and delete the files, so in the above window, select Dad's Username, and then in the "Allow" check box below, select "Modify", "Read and run", "List Folder Directory", "read" and "write" (Figure Seven). Note that you should not simply check the Allow Father account to have Full Control permissions on the folder. Because full control means that you can assign permissions to other users in addition to reading and writing changes and deleting the target folder, it is obviously not secure enough, so it is best not to assign the full Control permissions to others, especially restricted users.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.