Learn everything about folder and file NTFS permissions. What are their limitations? And whats about the inheritance of NTFS permissions and how can I see the effective permissions of a user? Check out this post to answer these questions!

Basic Concepts

NTFS

NTFS, which stands for New Technology File System, is Microsoft’s current file system for the Windows NT operating system. NTFS is the successor of Microsoft’s previous systems, FAT and HPFS, and contains a wide range of improvements in terms of performance, extendibility, and security.

The main differences between NTFS and its predecessors are:

FAT32 only supports individual files of up to 4GB in size. On the other hand, NTFS supports files of up to 16 EiB (16 × 1024 6 or 2 64 bytes).

or 2 bytes). The most important difference you need to understand in order to follow this tutorial is that NTFS supports file permissions and introduced the concept of the access control list (ACL), a concept we will be explaining in more detail as we proceed.

NTFS Permissions

NTFS permissions determine who have access to files or folders. These permissions can be assigned to individual users or groups, but the best practice is to assign them to groups whenever possible. NTFS Permissions are set in the ACL (Access Control List).

Access Control List (ACL)

The access control list (ACL) is the list of users or groups that have access to a certain object. An object can be a file or folder. Each entry in the ACL is known as an access control entry (ACE).

The users or groups in the ACL are known as trustees. NTFS Permissions can be allowed, denied, or audited.

To create, edit, or view access control lists, you right click on a file or folder then select Properties from the options displayed:

Next, click on the Security tab to display the access control list (ACL) for the chosen file or folder.

Understanding NTFS Permissions

Windows allows you to assign different types of permissions to an object. You can allow or deny such permissions. The types of NTFS permissions change depending on if you are working with a file or folder.

NTFS Folder Permissions

You can assign NTFS permissions to a user or group for a specific folder and, thus, control their access level. How these permissions are propagated to subfolders and their respective files is controlled by inheritance, a concept we will explain in more detail as we proceed. Next table lists and describes all permissions that can be allowed or denied for a certain user or group.