DAY03 Windows
Experiment One
Experiment name: Adding users to built-in groups
Experiment Description: Create a new user to add the user to the system's built-in group
Experimental topology:
Experimental steps:
Step One: Create a new user Tom-Right-click Properties-Member Of TAB Click Add-Advanced-Find Now-
selected Network Configuration Operators OK-ok
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/39/55/wKiom1O48duA66zIAAF_d5n22OM035.jpg "title=" 1.jpg " alt= "Wkiom1o48dua66ziaaf_d5n22om035.jpg"/>
Step Two: Select Tom user right-click-member-Discovery has joined the Network configuration Operators built-in group-switch user let Tom log in-Modify IP Address Successful
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/39/55/wKioL1O48c7zOEZ1AAEj2Ong_rY949.jpg "title=" 2.jpg " alt= "Wkiol1o48c7zoez1aaej2ong_ry949.jpg"/>
Summary: The focus of the problem is to know which is the built-in user group
Experiment Two
Experiment name: Accumulation of permissions
Experiment Description: Add user A to group zu1 and zu2, assign zu1 Read permissiontoa file , zu2 Write permission, verify a Final Effective Permissions
Experimental topology:
Experimental steps
Step One: New user a-new group zu1 and zu2- Create a new file under E drive aa.txt-Select the file right-click Properties- Security tab-Edit-Add zu1-Assign permissions to read permission- do the same for ZU2 set ZU2 to write permission
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/39/55/wKioL1O48fHCb_DIAAFc3wFyfSI543.jpg "style=" float: none; "title=" 3.jpg "alt=" Wkiol1o48fhcb_diaafc3wfyfsi543.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/39/55/wKiom1O48iCyECJdAAGK5c7BUP4983.jpg "style=" float: none; "title=" 4.jpg "alt=" Wkiom1o48icyecjdaagk5c7bup4983.jpg "/>
Step Two: Add user a to zu1 and zu2-Read and write to the file aa.txt -Discover the ability to read and write successfully
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/39/56/wKioL1O48gvwtF_BAADpmDd1x98555.jpg "title=" 5.jpg " alt= "Wkiol1o48gvwtf_baadpmdd1x98555.jpg"/>
Summary: The problem encountered is to give zu1 and zu2 permissions to the problem caused by user a can not add two groups of permissions to accumulate
Experiment Three
Experiment Name: Inheritance of permissions
Experimental Description: The default subfolder or sub-file inherits the permissions of the parent folder, and subfolders can be removed from inheriting the parent folder.
Experimental topology:
Experimental steps
Step One: Create a new Folder a- creates a b.txt file under Folder A-set permissions on folder a to user Tom Full Control-View a The B.txt file under the folder has the same permissions as the A folder-description B.txt inherits the permissions of folder a
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/39/56/wKioL1O48iSy69zXAAFs4WNsSoQ424.jpg "style=" float: none; "title=" 6.jpg "alt=" Wkiol1o48isy69zxaafs4wnssoq424.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/39/55/wKiom1O48lSB6hrHAAGcPYYKkDw969.jpg "style=" float: none; "title=" 7.jpg "alt=" Wkiom1o48lsb6hrhaagcpyykkdw969.jpg "/>
Step Two: Change b.txt inherited permissions-right-click b.txt Properties-security-advanced-Change permissions-check out the permissions that include inheritable from the parent of the object-click Add a to determine a click Edit Modify permissions for inherited users
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/39/56/wKioL1O48j6zRTuZAAGOAi12sRg332.jpg "style=" float: none; "title=" 8.jpg "alt=" Wkiol1o48j6zrtuzaagoai12srg332.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/39/55/wKiom1O48m2Sl2XyAAGCKMzhmn4601.jpg "style=" float: none; "title=" 9.jpg "alt=" Wkiom1o48m2sl2xyaagckmzhmn4601.jpg "/>
Summary: The problem is that it is easy to forget to check out the permissions that are inherited from the parent of the object, otherwise the permissions will still be inherited
Experiment Four
Experiment name: Rejection is greater than everything
Experiment Description: Add user A to zu1 and zu2 respectively , assign zu1 readpermission to B.txt, ZU2 deny Read permission, verify a finally have permission
Experimental topology:
Experimental steps
Step One: Create user a, user group zu1,zu2, add user a to zu1,zu2, create document B.txt
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/39/56/wKioL1O48lrh9R59AAGi2nLDhpk582.jpg "style=" float: none; "title=" 10.jpg "alt=" Wkiol1o48lrh9r59aagi2nldhpk582.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/39/56/wKioL1O48lqCUM6JAAGzFl-6_lM564.jpg "style=" float: none; "title=" 11.jpg "alt=" Wkiol1o48lqcum6jaagzfl-6_lm564.jpg "/>
Step Two: assign zu1 Read permission to B.txt- deny Read permission to B.txt assignment zu2
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/39/56/wKioL1O48myyL4BzAABVWvUrXb0486.jpg "title=" 12.jpg "alt=" Wkiol1o48myyl4bzaabvwvurxb0486.jpg "/>
Step Three: Login a user verifies that user A has Read access to the B.txt file
Summary: The conclusion is that refusal is greater than all permissions
Experiment Five
Experiment Name: Get ownership
Experiment Description: User A login, in e- disk b.txt, set this file permission only a Full Control,Administrator (Administrator) User Login Verify can I read this file?
Experimental topology:
Experimental steps
Step One: New user a-user a login, create file b.txt- Right-click File one property one security one advanced one permission one change permission one cancellation includes the permission to inherit from the parent of the object check one of the delete one OK one is ok one to add the normal user has Full Control permission one OK
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/39/55/wKiom1O48rixcta_AAFacU8A_eI650.jpg "style=" float: none; "title=" 13.jpg "alt=" Wkiom1o48rixcta_aafacu8a_ei650.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/39/56/wKioL1O48onhi30fAAEhWyGMmsg702.jpg "style=" float: none; "title=" 14.jpg "alt=" Wkiol1o48onhi30faaehwygmmsg702.jpg "/>
Step Two: admin login view b.txt file discovery denied access-right-click Properties-Security One advanced one owner one edit one select Administrator one determines one determines one to continue one add one input administrator Administrator a Tick select the administrator has full control of the permissions one determines whether the administrator can open this file.
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/39/56/wKioL1O48qXjVt4BAABR5Er6wKo417.jpg "style=" float: none; "title=" 15.jpg "alt=" Wkiol1o48qxjvt4baabr5er6wko417.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/39/55/wKiom1O48tTRVGwGAAGVM61vLJY650.jpg "style=" float: none; "title=" 16.jpg "alt=" Wkiom1o48ttrvgwgaagvm61vljy650.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/39/56/wKioL1O48qXjUCjLAAGFLP0KnTE564.jpg "style=" float: none; "title=" 17.jpg "alt=" Wkiol1o48qxjucjlaagflp0knte564.jpg "/>
Summary: The problem is that administrator click on the owner when you have secured the ownership, then select the Administrator account, then edit the Administrator account to join the permissions inside
Experiment Six
Experiment name: Effect of copy and move on permissions
Experiment Description: set up four text files in the E-drive folder A.txt,b.txt,c.txt,d.txt to move and copy them to view the change of permissions
Experimental topology:
Experimental steps
Step One: set up four files on e disk for a,b,c,D to view their permissions
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/39/55/wKiom1O48uuAOf5nAAGRGLlnuuQ896.jpg "title=" 18.jpg "alt=" Wkiom1o48uuaof5naagrgllnuuq896.jpg "/>
Step Two: copy a file to drive C to view its permissions-permissions change
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/39/56/wKioL1O48try6GlMAAFtppLaMj4442.jpg "title=" 19.jpg "alt=" Wkiol1o48try6glmaaftpplamj4442.jpg "/>
Step Three: move a file to the C drive to view its permissions-permissions changed
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/39/56/wKioL1O48uzwi8D4AAGA2nwt_PA124.jpg "title=" 20.jpg "alt=" Wkiol1o48uzwi8d4aaga2nwt_pa124.jpg "/>
Step four: copy the C file to this disk directory to view its permissions-permissions changed
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/39/56/wKiom1O48y6SyuOmAAFRK18-p5s241.jpg "title=" 21.jpg "alt=" Wkiom1o48y6syuomaafrk18-p5s241.jpg "/>
Step Five: move the D file to the disk directory to view its permissions-the permissions have not changed
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/39/56/wKiom1O48zuwTbQIAAFx8H3RCWI915.jpg "title=" 22.jpg "alt=" Wkiom1o48zuwtbqiaafx8h3rcwi915.jpg "/>
Summary: Conclusion: only the same NTFS The partition move retains its original permissions, and other cases inherit permissions from the destination folder.